104.243.45.202200 OK 5.9 kB URL User Request GET HTTP/1.1 IP 104.243.45.202:443
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (795), with CRLF line terminators
Hash d3ed05a5ddee2460bba66f38bd1c4243
a6a5fd29d58044995fded7752acdc6fc7ef57c45
a12e9c336e8b0a4031d31835d76c22cae2be62c0cf0cd3b5a6e2dd75c849ed66
GET /e91e5a HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"49c1-pqX9KdWARJlf3td1Ks3G/H71fEU"
Set-Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA; Path=/; Expires=Thu, 01 Jun 2023 16:32:30 GMT; HttpOnly
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 2e49fbb441f0fbebc6ce31ee4abd5600
f586dcfb316f20902e5b479d482f91138efafa28
8fda5c8ae8be7dd24164ca2cf2ea3f0b7271c4735a653e972f69dea503bc24ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.popcash.net/pop.js
151.139.128.10200 OK 39 kB IP 151.139.128.10:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectcdn.popcash.net
FingerprintBA:A5:15:90:1F:4D:11:F9:C4:30:0E:C7:DB:2E:5D:D5:95:25:92:C9
ValiditySun, 14 May 2023 18:35:47 GMT - Sat, 12 Aug 2023 18:35:46 GMT
File type ASCII text, with very long lines (65390)
Hash 6df59434f0096d6e7e62c980d33510c3
32d32c96a281874e26bfdc96bd397e157e488b92
1ae67c6aba6b2f2f0514e5e79e243eb9aee49d4f90f92442e1cc09c50532c974
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-encoding: br
content-length: 39179
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 10:45:34 GMT
accept-ranges: bytes
etag: W/"64007e4e-1f3e1"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEXLjpRs1YJmT0PZJjStu3aBq6tHeLuMWOVXdcqYdSDNcr1ILi4GYkqK%2BwS2ALwIovHBsvt%2F%2FskzlZV%2FQ4e%2FHlelTC19twSC9bLNbk8AfsBhyq4PeHQfbrG%2FhyQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c1802ccfcd4b50b-OSL
vary: Accept-Encoding
x-hw: 1685636250.cds202.sk1.hn,1685636250.cds239.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash df783ce1aff114831a54f9f75f41f66c
33148dcdac51d1a72787969900203bc0316ff82f
f75b96abf98a7f4874b54f268b85ba2b2fa261741afa891097537bcfa1e73fd3
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 01 Jun 2023 16:17:30 GMT
date: Thu, 01 Jun 2023 16:17:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
IP 142.250.74.131:0
Hash ee586dccb2d4cd2c3d773056cb6702e7
87504271b8994060e792a0fb6d31403050035d63
0e67c785a09ac95faf467b80ad40cc61015e776359dfe4b05cbba97b39e337b2
POST /s/gts1d4/UrAfP9jR1p4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9c320af7047f9368e0536de66d6d2658
2cdb5bfd4bb4ddf85559ff29d06ed964e04119ab
64bb80bd8947d7d658ce8f20fc2bebab85d391bf2baa953c67201ebd194cd1b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l5.suaurl.com/vendor/fontawesome-free/css/all.min.css
104.243.45.202200 OK 59 kB URL GET HTTP/1.1 l5.suaurl.com/vendor/fontawesome-free/css/all.min.css
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (58749)
Hash 870dbf9e3d22ee9d7cd21acc620e107b
61e37af38389d10e3ec44b0f5f05b10978c23768
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10
GET /vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 58935
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"e637-187ba444c51"
l5.suaurl.com/css/simple-sidebar.css
104.243.45.202200 OK 964 B URL GET HTTP/1.1 l5.suaurl.com/css/simple-sidebar.css
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
Hash c7ac0e8149580cdd6b0815f4c213335f
4a51b8f512d3da05f12e2fee19c14b495dbb468d
bbadf10b8cc33816c6a775307b34a90240588e0709d2e2fa2f76ba772e5b0550
GET /css/simple-sidebar.css HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 964
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"3c4-187ba444c49"
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash aaa62c1792576f29afd83c721c769ae2
a91969d4ec40a18844781b9364d60e9ae0cb1b52
3ef969ba686248b09252da03a2effad7d8e09e7192ae1daa6e3b8d0240405c43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l5.suaurl.com/css/custom.css
104.243.45.202200 OK 6.7 kB URL GET HTTP/1.1 l5.suaurl.com/css/custom.css
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 60fc0009e2b1f35b70af8f0dc4b6d25b
021675a93d81d08ff41198debbfa926c7ab73465
7c28935555587f3cb234c1ce50fa5400ebf9641e56b26657b38ed041635092cf
GET /css/custom.css HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 6684
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"1a1c-187ba444c49"
www.googletagmanager.com/gtag/js?id=UA-162979965-1
142.250.74.72200 OK 64 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-162979965-1
IP 142.250.74.72:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (4372)
Hash 87efe206faeea94daf3105b00746fdae
c88873bc878dfd0fac0bf0b5c0926ce42955e96e
716857d061ae17551d7016810d6fb20afae1cd46aee63ed0aedf08dd3cefc0eb
GET /gtag/js?id=UA-162979965-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 16:17:30 GMT
expires: Thu, 01 Jun 2023 16:17:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
l5.suaurl.com/js/capcha.js
104.243.45.202200 OK 3.5 kB URL GET HTTP/1.1 l5.suaurl.com/js/capcha.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Unicode text, UTF-8 text, with very long lines (3040), with CRLF line terminators
Hash 505a0953b66a5288b5e9e8a241a74868
af07e310f33ad6f94bb15cb0f0ebec0cee0baa2e
5b0dc65f0f57740aaf6d8fb206fede0506a5ad47dd1698c049cc3f3945eaac6a
GET /js/capcha.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 3456
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"d80-187ba444c49"
l5.suaurl.com/vendor/jquery-easing/jquery.easing.min.js
104.243.45.202200 OK 2.5 kB URL GET HTTP/1.1 l5.suaurl.com/vendor/jquery-easing/jquery.easing.min.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (2532), with no line terminators
Hash e2d41e5c8fed838d9014fea53d45ce75
bde98133f735398b27339c423a817e755329f7d1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
GET /vendor/jquery-easing/jquery.easing.min.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2532
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"9e4-187ba444c69"
l5.suaurl.com/js/sb-admin-2.min.js
104.243.45.202200 OK 1.2 kB URL GET HTTP/1.1 l5.suaurl.com/js/sb-admin-2.min.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (969)
Hash c6e5141bdef9fc24ce5578c2fe880380
96bfe47e21f710ccac32422add05d7780ba91e46
56e52d69caae577f69c8612dd121147c5ade8c05e23bb490f27d13e010727c50
GET /js/sb-admin-2.min.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1207
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"4b7-187ba444c49"
l5.suaurl.com/js/custom.js
104.243.45.202200 OK 968 B URL GET HTTP/1.1 l5.suaurl.com/js/custom.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (371), with CRLF line terminators
Hash fac06bfe1a8405c65a01001f746ff0e1
514f4780b2296b46f342ba1e111c8b795c149d3a
4239d03ea5fb4426c2cba9a8ea90b23d75aadd8fc51cd1b4d8068923757cc875
GET /js/custom.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 968
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"3c8-187ba444c49"
l5.suaurl.com/vendor/bootstrap/js/bootstrap.bundle.min.js
104.243.45.202200 OK 81 kB URL GET HTTP/1.1 l5.suaurl.com/vendor/bootstrap/js/bootstrap.bundle.min.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65297)
Hash 7fd2f04e75bd7ab1a79d80cdd4c33085
e02a14457b25e6df2568b772feab4387c00a4934
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
GET /vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 81084
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"13cbc-187ba444c4d"
api.nobeta.com.br/nobetaads&id=suaurl.inter
35.244.156.216200 OK 42 B URL GET HTTP/2 api.nobeta.com.br/nobetaads&id=suaurl.inter
IP 35.244.156.216:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subjectapi.nobeta.com.br
Fingerprint9F:22:0D:38:E2:E5:E1:8B:26:BA:3A:82:F6:69:A2:0D:DA:B9:76:7E
ValidityMon, 22 May 2023 13:14:21 GMT - Sun, 20 Aug 2023 14:07:15 GMT
File type ASCII text, with no line terminators
Hash 11831a201b470ec37b74e8a5f2fe09dc
052cc185172df1744d5069513bf7e8f5cb92dfc1
10efdae0f55e6bd7e73d0a43d1eb4764c67e1e3a14dc1f5e512887ebd0eb4ae1
GET /nobetaads&id=suaurl.inter HTTP/1.1
Host: api.nobeta.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
server: Apache/2.4.29 (Ubuntu)
cache-control: public, max-age=604800
last-modified: Wed, 12 Apr 2023 19:12:15 GMT
content-length: 42
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b53f2fcda25e30bbbf202b507fac96c
1d1cfb1765f42aba83c3b3e89417b228ed9f0b22
6971f9675ef64b91754cc952302f0a4e9d93b0435625536165dde4c7fe71b235
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l5.suaurl.com/vendor/jquery/jquery.min.js
104.243.45.202200 OK 90 kB URL GET HTTP/1.1 l5.suaurl.com/vendor/jquery/jquery.min.js
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /vendor/jquery/jquery.min.js HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 89476
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"15d84-187ba444c69"
l5.suaurl.com/css/sb-admin-2.min.css
104.243.45.202200 OK 169 kB URL GET HTTP/1.1 l5.suaurl.com/css/sb-admin-2.min.css
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65088)
Size 169 kB (169306 bytes)
Hash 8e4e6a8bdaa4468bed2cfb9aaf1cc5bd
4ff8cd5fa9ecb0bc904f3119680af9459bf12951
00541c2eb2c72c1c58dae8ae4a9d576ee1aa53edb548da98d573a88cf57cea31
GET /css/sb-admin-2.min.css HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:30 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 169306
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"2955a-187ba444c49"
ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
IP 142.250.74.131:0
Hash ee586dccb2d4cd2c3d773056cb6702e7
87504271b8994060e792a0fb6d31403050035d63
0e67c785a09ac95faf467b80ad40cc61015e776359dfe4b05cbba97b39e337b2
POST /s/gts1d4/UrAfP9jR1p4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
142.250.74.72200 OK 47 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
IP 142.250.74.72:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (9671)
Hash cbbbcd86243636586a430e6ce4dcba68
35dcfc4256cdd324ad7258de024f1f67447d5f1f
c4721e0af9b2f979e884db8daab32791366f979ec5511665e4cffec8880695f5
GET /gtm.js?id=GTM-PC2RG39 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 16:17:31 GMT
expires: Thu, 01 Jun 2023 16:17:31 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 16:17:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/moneybile.js
185.76.9.24200 OK 17 kB URL GET HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.24:443
ASN #60068 Datacamp Limited
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash c6ba931c459a561dea612152fa379663
a0a6cdd81e7890fd3d9baab4fdfb20589bb642f6
14428df293559133cfc29df91490ba4c346c3326229b64f10322c9dfa79c3bd8
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Fri, 02 Jun 2023 04:04:13 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRTBmdX/3qsAAA
x-77-nzt-ray: af585630f9879c519bc478640bbf230d
x-accel-expires: @1685678653
x-accel-date: 1685592253
x-cache: HIT
x-age: 43998
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 85332
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 85332
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 16:35:19 GMT
expires: Thu, 30 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 85332
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=3
185.76.9.24 3.1 kB URL GET ads.themoneytizer.com/s/gen.js?type=3
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash d58f02fefe04efd367b900b6648aae3c
8d00ec5687a401998ddcfcec4f45c52484e092cb
b05fe13d5f900cf8419db055214f0337ad6c034171797a86fcce9c207ee13b48
GET /s/gen.js?type=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRT1sJT/3asAAA
x-77-nzt-ray: af585630f9879c519ac47864f3837521
x-accel-expires: @1686197053
x-accel-date: 1685592253
x-cache: HIT
x-age: 43997
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
l5.suaurl.com/img/ads.png
104.243.45.202200 OK 4.0 kB URL GET HTTP/1.1 l5.suaurl.com/img/ads.png
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type PNG image data, 303 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 10d62b67880d34297406e261c48cb930
605880a5522df57d1d712bd54dd3737a4ed8fe11
5e988860df08c118fa9df4f704536caf1bd0bd497ff318e1fd403dfebf84be61
GET /img/ads.png HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:31 GMT
Content-Type: image/png
Content-Length: 4006
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"fa6-187ba444c49"
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 21 kB URL GET HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (50946), with NEL line terminators
Hash f5c0fe44bf0b4b64558ae041c2f1f7c4
d51a642bf4440bf3bea2e9f7b3b92de595d8d7ab
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
cache-control: public, max-age=21600
cf-bgj: minify
cf-polished: origSize=62056
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.lovecolumnist.com
expires: Thu, 01 Jun 2023 21:47:40 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1791
server: cloudflare
cf-ray: 7d08c46ae9fdb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
l5.suaurl.com/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
104.243.45.202200 OK 80 kB URL GET HTTP/1.1 l5.suaurl.com/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 80328, version 331.589\012- data
Hash 412a43d6840addd683665ec12c30f810
f3be6605dbff23cf22ec3abddd1141a81a99e3aa
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc
GET /vendor/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/vendor/fontawesome-free/css/all.min.css
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:31 GMT
Content-Type: font/woff2
Content-Length: 80328
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"139c8-187ba444c69"
www.googletagmanager.com/gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c
142.250.74.72200 OK 77 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c
IP 142.250.74.72:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (5858)
Hash b11c758fa4e1c67aee11f4a50c7e9a7f
3e91ae1e54dfc1937e457ccfc260d575349a7572
502c051ca7632e3184f8a1853304e59d43d65c3b00514cd4ad39e88a7798ac95
GET /gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 16:17:31 GMT
expires: Thu, 01 Jun 2023 16:17:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
54.230.111.40200 OK 58 kB URL GET HTTP/2 get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
IP 54.230.111.40:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a412a800809635de9f2b38e92e41cd07
e65ba62374c5efd0c490b2d050f8be10373a85d4
a8414613d0ba3153576a2b192b537d047219fcdea9cdf55b14ce58c2b35f39e9
GET /sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 08:02:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Jun 2023 16:17:31 GMT
cache-control: public, max-age=86400
etag: W/"a412a800809635de9f2b38e92e41cd07"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZtI9YnmkjClxgVNxGpzGaD_je8cmZ2dc2prlSdUrbdvB1T4DW7D42g==
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=48659&f=31&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=31&fi=99
IP 54.38.64.100:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=31&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:BF26_36264064:01BB_6478C49B_990A53:13ADC
x-iplb-instance: 38442
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1685636250776
51.38.120.206204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1685636250776
IP 51.38.120.206:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1685636250776 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=48659&f=28&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=28&fi=99
IP 54.38.64.100:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=28&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:FA45_36264064:01BB_6478C49B_9AF472:621A
x-iplb-instance: 38438
c.tmyzer.com/c/?s=48659&f=1&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=1&fi=99
IP 54.38.64.100:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:83DD_36264064:01BB_6478C49B_9B10ED:2C962
x-iplb-instance: 38437
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 1.4 kB URL ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash a81aadde6e7eb4089a63f29e9f344972
357130dd2889fceabe61c8f214afb2d4f3316528
e340a4a7cde1242de671138425f6519dbd63370f6e1551f2010bf3b1645d49bb
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 16:17:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 05 Jun 2023 14:57:01 GMT
ETag: "357130dd2889fceabe61c8f214afb2d4f3316528"
Last-Modified: Thu, 01 Jun 2023 14:57:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2025
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d08c46ccf2cb51e-OSL
ads.themoneytizer.com/s/gen.js?type=28
185.76.9.24 3.2 kB URL GET ads.themoneytizer.com/s/gen.js?type=28
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash 7c83a6e01912ad7bfbec2107c5abc262
5199c40474c11e841635757e3fe4a87cbc719503
a8833c2581e22fe065501dd50c20dfaa82acba993a4d346ebe64eedeb5610db4
GET /s/gen.js?type=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRS+xhb/2qsAAA
x-77-nzt-ray: af585630f9879c519ac478643842cb21
x-accel-expires: @1686197056
x-accel-date: 1685592256
x-cache: HIT
x-age: 43994
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
3.222.190.160204 No Content 0 B URL GET HTTP/2 dcba.popcash.net/znWaa3gu
IP 3.222.190.160:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGlobalSign nv-sa
Subject*.popcash.net
FingerprintE5:4A:AF:FC:6E:09:38:1F:80:80:5B:A0:63:81:58:02:7A:D0:59:15
ValidityWed, 18 May 2022 14:47:09 GMT - Mon, 19 Jun 2023 12:48:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 16:17:31 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 2c62e176f181977a5af9afae79882c4d
cc7a155bbcfbddb36f0eb25d90af3a128413eefe
3b3cd37110d5b1e1435de4a40ccb94d974d1c6651836c02751e79240e834ca9a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 16:17:31 GMT
Last-Modified: Thu, 01 Jun 2023 15:02:24 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: llzO_yg6cY0oi32SJ5VTcZ-OAtasXiInRsTowEwK7FJV7hRLSwJsBQ==
Age: 4507
fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
142.250.74.106200 OK 48 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
IP 142.250.74.106:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash 8395e8e372a2b5805962b758c9884002
561d05dd87dd7c4998f667af679e93bd5f5fc037
e90446242a14243da1be07818739352c38e432d6a4a6aed8d5d74ef9e603783f
GET /css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 16:17:30 GMT
date: Thu, 01 Jun 2023 16:17:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.pbstck.com/collector-afd8383.js
172.67.25.151200 OK 46 kB URL GET HTTP/2 cdn.pbstck.com/collector-afd8383.js
IP 172.67.25.151:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectpbstck.com
FingerprintB9:A6:6E:96:BB:37:3B:41:B8:0F:A1:60:12:9D:DE:53:02:AE:CA:94
ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
Hash 18c5511093136d9f72ef1d2707c5518b
01f748f0e99abb31e1d74d04243227207a7fa6eb
0101587a165f27559652ccd059d87d03c188175bda3b21caa10b7d6853b1f1b5
GET /collector-afd8383.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdu6qdv2M-sY_-wXcHpK0AE0sndM3CBHqOqS5OFGBBx8zhjq3N86Nvk_oSwlTWjFMxb7ZHECpoOdTMV2pyg80EqNfjv96pbE
x-goog-generation: 1683791269066244
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 44307
x-goog-hash: crc32c=8l+rzg==, md5=M95i73w0urTIwFmbx2UOCQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 08 Jun 2023 16:02:57 GMT
cache-control: public, max-age=604800, immutable
last-modified: Thu, 11 May 2023 07:47:49 GMT
etag: W/"33de62ef7c34bab4c8c0599bc7650e09"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 7d08c46cfab6b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=28
185.76.9.24 73 kB URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=28
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash 08b1ec7a0c72d2dc71e131f1e436dfbf
e36c7040b02ac18a81d5136d65fe53e418e3d19b
725b69114f6197835a11c2101f4473e960e9f1b2824780db4f01418bd7bef53a
GET /s/requestform.js?siteId=48659&formatId=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRSMeAr/PXkAAA
x-77-nzt-ray: af585630f9879c519ac4786455635421
x-accel-expires: @1686210013
x-accel-date: 1685605213
x-cache: HIT
x-age: 31037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 8f693bf0078e708f11672f173a6cee9a
d9147e9035b60bdaa8227b7021433ebc272699bb
b3715ccacf70d0ce8d36ca3a35a6d29117d87118b45f9113970deec30f313b71
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 16:17:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "42C9C3A3B8519407C29283BA1BB194EF7111FB7E"
Expires: Fri, 02 Jun 2023 03:00:00 GMT
Last-Modified: Thu, 01 Jun 2023 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 711
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d08c46f5b26b529-OSL
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
54.230.245.59200 OK 26 kB URL GET HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 54.230.245.59:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Wed, 31 May 2023 21:29:11 GMT
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GKHbdUyFxViv0IW2_np7UkaVW91WRFPK8NCzk5S7ro4zE3KpNw4Pxw==
Age: 67701
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash e2cf12a5cf2b7f1f22342c9bc0e24414
6602340562475403dbc6dd94fb619696cdae1323
9101d35e35091b381669f51922efde195212db0140d8c05c1e0ea01a4180afb7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 16:17:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 11:29:53 GMT
Expires: Mon, 05 Jun 2023 11:29:52 GMT
Etag: "6602340562475403dbc6dd94fb619696cdae1323"
Cache-Control: max-age=328355,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d08c46f584f0b59-OSL
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 232083
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:32 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduMK75IJMJXhB4y2IDzyAp1ME52Jl3cWMF9oBGWS_oGnU8_4qwtTKVHSk2oQ9k9ARBJ-_dX2e0ZHRyoLVrXTL0mWO2iy0KW
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Thu, 25 May 2023 18:49:56 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 599256
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3a5Du0Zo%2F570Kjx%2B1wRU1NiLiLnMvswV2u4ZIKLvmGteErTWdwoIMD2VywjxEh0cIpkyeoc4KkbYioA9PkXKhLfxLKzf3uiuYWtGxDXsaX9jE9p%2FmwjTFcldku379W9Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d08c4702b69b52d-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.06575060053278747
104.26.2.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.06575060053278747
IP 104.26.2.70:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.06575060053278747 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:32 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduMK75IJMJXhB4y2IDzyAp1ME52Jl3cWMF9oBGWS_oGnU8_4qwtTKVHSk2oQ9k9ARBJ-_dX2e0ZHRyoLVrXTL0mWO2iy0KW
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Thu, 25 May 2023 18:49:56 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 599256
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUhsYXedVEycFi0TARkr1LOEsy6BMsbgsZrWJf6N2ImTiwxncFQZA8EYuKYzIPgMNHcZgzkgUDy5FXkrY%2Fk0C52b5LCfHSVziDkrf4eJ%2Fvf1fJ3W0%2FKw4fyikTHnrg7VCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d08c4702b6cb52d-OSL
X-Firefox-Spdy: h2
l5.suaurl.com/img/faicon.png
104.243.45.202200 OK 14 kB URL GET HTTP/1.1 l5.suaurl.com/img/faicon.png
IP 104.243.45.202:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 00966e069b8d4fc3fa979a6b61a6ce28
03b27f044fbf1ccfbd38c06958766b3b4d5cc1aa
e657b17aaf6e31e684fa251710929bbf83fc0245d6c0a8dc69d2a13d2430f87e
GET /img/faicon.png HTTP/1.1
Host: l5.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/e91e5a
Cookie: connect.sid=s%3Ambd8lowB1IShjmd26onb38a-B6GP5G-v.6CmqCJKO5wfvJMQy3a5gHAhWgiAukHngXuE3kEYzl%2FA; _ga_C528SSEPW2=GS1.1.1685636251.1.0.1685636251.0.0.0; _ga=GA1.1.2045736873.1685636251; clever-last-tracker-57155=1; clever-counter-57155=0-1; _pbjs_userid_consent_data=6683316680106290; _sharedID=ad024a2c-6bfe-45a1-8110-b25a7a3ce41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Jun 2023 16:17:32 GMT
Content-Type: image/png
Content-Length: 13715
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:10 GMT
ETag: W/"3593-187ba444c49"
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.42200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.42:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32034)
Hash d0212568ce69457081dacf84e327fa5c
d6702a1af0378b2342f6a0692e77c169f580aed7
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 18:02:09 GMT
expires: Thu, 30 May 2024 18:02:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 80123
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sender.clevernt.com/transporter/57155.php?id=577384&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&r=892139898&tok=33419711310201791433&t=1685636251&cmpId=&fb=0&wl=0&sf=0&bw=RmlyZWZveA%3D%3D&b=0&m=0&p=TGludXg%3D&iv=-1&ctr=NO&sz=1024&landing=1&hei=307.2&ts=0.202
148.69.64.76200 OK 553 B URL GET HTTP/2 sender.clevernt.com/transporter/57155.php?id=577384&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&r=892139898&tok=33419711310201791433&t=1685636251&cmpId=&fb=0&wl=0&sf=0&bw=RmlyZWZveA%3D%3D&b=0&m=0&p=TGludXg%3D&iv=-1&ctr=NO&sz=1024&landing=1&hei=307.2&ts=0.202
IP 148.69.64.76:443
ASN #12353 Vodafone Portugal - Communicacoes Pessoais S.A.
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerSectigo Limited
Subject*.clevernt.com
FingerprintC2:9C:D7:E7:1B:55:FC:15:B4:71:15:B2:9C:35:91:3E:D9:9E:C4:A8
ValidityTue, 17 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 5b8cd36326e7163c80ba850c4d401c8e
19bc7ae3b416ce1f1b3e5475fc7e8a959e7bc7d5
4c4fce6c0c9be1a1dee33bd47c5f77a284ef55c01847f7ac9a44124fca3e4511
GET /transporter/57155.php?id=577384&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&r=892139898&tok=33419711310201791433&t=1685636251&cmpId=&fb=0&wl=0&sf=0&bw=RmlyZWZveA%3D%3D&b=0&m=0&p=TGludXg%3D&iv=-1&ctr=NO&sz=1024&landing=1&hei=307.2&ts=0.202 HTTP/1.1
Host: sender.clevernt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 16:17:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
52.48.196.143200 OK 20 B URL GET HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 52.48.196.143:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subject*.adleadevent.com
Fingerprint65:80:33:93:C0:64:B8:15:CE:E4:57:0F:89:95:9E:E2:41:29:DC:0F
ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://l5.suaurl.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Thu, 01 Jun 2023 16:17:32 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 01 Jun 2023 16:17:32 GMT
Pragma: no-cache
Server: Apache
Set-Cookie: AWSELB=9FC54D150466C174912E5199B1F8E822A79961F4596BFB1311DF4AD552FFCAECC412B5A4F8D63A2A90D1DB19587375008B81DF393E46C0AEB40A8EC769662133B964A72527;PATH=/
AWSELBCORS=9FC54D150466C174912E5199B1F8E822A79961F4596BFB1311DF4AD552FFCAECC412B5A4F8D63A2A90D1DB19587375008B81DF393E46C0AEB40A8EC769662133B964A72527;PATH=/;SECURE;SAMESITE=None
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
boot.pbstck.com/v1/tag/6e61ab96-91d5-4e4f-b888-789033f2f782
104.22.0.93200 OK 1.2 kB URL GET HTTP/2 boot.pbstck.com/v1/tag/6e61ab96-91d5-4e4f-b888-789033f2f782
IP 104.22.0.93:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectpbstck.com
FingerprintB9:A6:6E:96:BB:37:3B:41:B8:0F:A1:60:12:9D:DE:53:02:AE:CA:94
ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1313), with no line terminators
Hash 614e78ccb71b6710361a05cd5a2975fc
e2bc1cd8cd6805b3102b65a8fc77dded5c7d277c
d9115f8fe80f3f4d812b20e154a09171318ec51c0a806b3de202a6c6d2293bcb
GET /v1/tag/6e61ab96-91d5-4e4f-b888-789033f2f782 HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d08c46b0c02b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=48659&f=3&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=3&fi=99
IP 54.38.64.100:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=3&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:4672_36264064:01BB_6478C49B_99339E:21E4E
x-iplb-instance: 24858
get.optad360.io/sf/prebid7.17.0.js
54.230.111.40200 OK 504 kB URL GET HTTP/2 get.optad360.io/sf/prebid7.17.0.js
IP 54.230.111.40:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (64496)
Size 504 kB (504152 bytes)
Hash 840fa482840c0b1f014b3c14f6e0ab2e
c9746910146e09cd4d64d5183a61ba7bdf0161ae
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
GET /sf/prebid7.17.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 12 May 2023 20:07:03 GMT
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MbkDOVNfR-FIaRpOZGysUA_w9WKz9FV7HbUUj1rWzFv51gFtw-7ftQ==
age: 1714229
X-Firefox-Spdy: h2
ui.cleverwebserver.com/
104.18.25.246200 OK 161 B IP 104.18.25.246:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 427d569cd4338e3e2aacee49fe8456aa
1dc27d2f83d20c8c2ba63455a6df70cc8aeb19be
b261815796aa562a5f059673d3dcb4bf9fba9c743a6a2c29e8bcbed9b6b0405c
GET / HTTP/1.1
Host: ui.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d08c46ccf490b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
cmp.optad360.io/items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js
54.230.111.106200 OK 261 kB URL GET HTTP/2 cmp.optad360.io/items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js
IP 54.230.111.106:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
Size 261 kB (261121 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 25 May 2023 19:53:07 GMT
last-modified: Wed, 15 Mar 2023 12:14:26 GMT
etag: W/"03ea4bff6e3260d734478be250818b0a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eR5cPVsx8jj7oQt7oSbIhuSzv-RxIne1ispQn1UtC5jqAHPPTxe9pw==
age: 591864
X-Firefox-Spdy: h2
p.cpx.to/p/12763/px.js
54.154.228.198200 OK 4.0 kB IP 54.154.228.198:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerSectigo Limited
Subjectp.cpx.to
FingerprintB7:D4:04:01:07:C8:6E:F6:F4:A7:B7:F7:0A:5D:BE:2E:A4:E2:2D:D7
ValidityThu, 12 Jan 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (4166), with no line terminators
Hash d058465841d1e66d7af1584b7c2c9f55
308ab49273cd447253d848187199f792f70c1679
69deeb9b7614a21274fabbbdb23ab058cd908870e5a74c9f2787fc73feaa3b19
GET /p/12763/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=7200, public
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
54.230.111.74200 OK 4.2 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
IP 54.230.111.74:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (4427), with no line terminators
Hash b0c52320a9ee878139418b07ad1558c2
18b4a2bdf72bc1a27f92a3dc17e027810139da72
7e6265dd3f1820d715f808f94dd8b4b84d99b00ba02aa7d9d97456ea4265af04
GET /cmp/v2/translations/v4/en.json HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Jun 2023 06:35:20 GMT
cache-control: public, max-age=360000000
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: weBhDNm16AGRymHwxRyuNJG8wRI1unAjk5SljTIdaX5SjIvcgVi47w==
age: 34932
X-Firefox-Spdy: h2
scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
104.18.25.246200 OK 135 kB URL GET HTTP/2 scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
IP 104.18.25.246:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
Size 135 kB (135403 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8a6f7bff61eadc7c53c8a91cbc98b656.js HTTP/1.1
Host: scripts.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
x-amz-id-2: xaD8xMamQycYx9LNsYqF2g3zjzQTNBw/HSst4c7TmZLgutJBmZX5zlh3DksgUdT02wvSm4hG7jg=
x-amz-request-id: KB2PPMWDMK0RKRBX
last-modified: Fri, 12 May 2023 15:01:37 GMT
x-amz-version-id: xIGR492TMZn16iT2IERavQY6d2j6hY7h
etag: W/"bdc73e7607e97dd9034405d3903ffb1a"
cf-cache-status: HIT
age: 903
expires: Thu, 01 Jun 2023 16:47:31 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d08c46b3da60b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230601
151.101.1.229200 OK 1.6 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230601
IP 151.101.1.229:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1725), with no line terminators
Hash 2c7f761eff806bf040094d01d8c294ba
e4227d952225400cebfd82bc037d415eefa57d99
9ee6e6dcefb6ebeb8e7bd061e9ccd07474c480c53206fcfd357b81d0c7841ce5
GET /gh/prebid/currency-file@1/latest.json?date=20230601 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1710
x-jsd-version-type: version
etag: W/"633-z/gT84D98EpLrQY477C71RmbHQs"
content-encoding: br
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:17:31 GMT
age: 1000
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 923
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=1
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=1
IP 0.0.0.0:0
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=48659&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRRGoyH/PXkAAA
x-77-nzt-ray: af585630f9879c519ac47864157c9c21
x-accel-expires: @1686210013
x-accel-date: 1685605213
x-cache: HIT
x-age: 31037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=31
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=31
IP 0.0.0.0:0
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=48659&formatId=31 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRQ6ZAL/PXkAAA
x-77-nzt-ray: af585630f9879c519ac478648cb43422
x-accel-expires: @1686210013
x-accel-date: 1685605213
x-cache: HIT
x-age: 31037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
btloader.com/tag?o=5756097762689024&upapi=true
104.26.6.139200 OK 26 kB URL GET HTTP/2 btloader.com/tag?o=5756097762689024&upapi=true
IP 104.26.6.139:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:02:37:24:FE:31:73:D9:E5:C2:16:59:EE:BA:F8:45:83:AB:6A:30
ValidityFri, 05 Aug 2022 00:00:00 GMT - Sat, 05 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (25716)
Hash c19870f82a070fd30823fa74fb5376b0
c7afa05abc1f581c3f5e48520347ff46aa9b7feb
6b8a147bdc94b04acfa8e836f254d0ae113acc8ce45d263da2766380bae545a9
GET /tag?o=5756097762689024&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:32 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"25f7f9fa637ac37af096a6e54b304bb5"
last-modified: Thu, 01 Jun 2023 15:45:49 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUVFyrIEjkYCjpNlq2tT0LsU8ILEQ0YL%2BzHYmCbl4t4BzcQJ3LMWAK43aMq1GDmImBVYJv5rnk4yHMaXs%2BOxZTlw9fqpZVZj0Ux%2BI%2BR7gR3%2FR9PTVXHsZ0zQiZX2hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d08c46f8d11b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/gen.js?type=1
IP 0.0.0.0:0
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRTIQoX/3asAAA
x-77-nzt-ray: af585630f9879c519ac47864489fd921
x-accel-expires: @1686197053
x-accel-date: 1685592253
x-cache: HIT
x-age: 43997
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=31
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/gen.js?type=31
IP 0.0.0.0:0
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/gen.js?type=31 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRRKXZ3/3asAAA
x-77-nzt-ray: af585630f9879c519ac478645c092722
x-accel-expires: @1686197053
x-accel-date: 1685592253
x-cache: HIT
x-age: 43997
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
142.250.74.72200 OK 124 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
IP 142.250.74.72:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (12166)
Size 124 kB (123936 bytes)
Hash 68cffabe82325def03b1705d2c9db655
25b802d0a1aa8798a6f0ef222894d55427f4fbdf
520808a677e3fb139f2d75e1a2c12317703cd5ccedc35138825ddc77066072cd
GET /gtm.js?id=GTM-WS7SWNV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 16:17:31 GMT
expires: Thu, 01 Jun 2023 16:17:31 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Jun 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=3
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=3
IP 0.0.0.0:0
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=48659&formatId=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRSXsgb/86UAAA
x-77-nzt-ray: af585630f9879c519ac478643c407b21
x-accel-expires: @1686198567
x-accel-date: 1685593767
x-cache: HIT
x-age: 42483
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.cleverwebserver.com/e6de69552960e2a2af8c824b52374b0e.js
104.18.25.246200 OK 133 kB URL GET HTTP/2 scripts.cleverwebserver.com/e6de69552960e2a2af8c824b52374b0e.js
IP 104.18.25.246:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
Size 133 kB (133396 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e6de69552960e2a2af8c824b52374b0e.js HTTP/1.1
Host: scripts.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
x-amz-id-2: z3GS57NxLYgxHwPu/HzHhvUlsJD/oC+ey/bPpHk2YNJZZqf0KWH36bAByFCoVeJorLAOJUGXEng=
x-amz-request-id: RFWJ31SPS5FM4PPS
last-modified: Wed, 31 May 2023 10:42:26 GMT
x-amz-version-id: GShwZrAMQQMfCzJEAPrjpZ2Uch_M65RJ
etag: W/"7ff0977c7b66d4616188d53945681383"
cf-cache-status: HIT
age: 903
expires: Thu, 01 Jun 2023 16:47:31 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d08c46b3da80b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/icons/branding-ads.svg
54.230.111.74200 OK 7.4 kB URL GET HTTP/2 optad360.mgr.consensu.org/icons/branding-ads.svg
IP 54.230.111.74:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7833), with no line terminators
Hash b9ed77c084ebc5ccb94251ba703c65ec
18f3dfac801ba769376e88a8e613216594cc010c
7634fddf32b8b57a979c0f5730a9491feffd56e663615906020617730cbbd4dc
GET /icons/branding-ads.svg HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 31 May 2023 19:37:33 GMT
cache-control: public, max-age=360000000
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f8B3-mlBNG67HszMmTOyRMFfe_6W0AQqd_Jog4-XYswrVdHzsjY18w==
age: 74398
X-Firefox-Spdy: h2
call.cleverwebserver.com/?id=57155&c=NO&r=03&l=165&b=Firefox&os=Linux&mob=0&v=1.41.7&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&iv=-1&ctr=NO&sz=1024
104.18.25.246200 OK 43 B URL GET HTTP/2 call.cleverwebserver.com/?id=57155&c=NO&r=03&l=165&b=Firefox&os=Linux&mob=0&v=1.41.7&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&iv=-1&ctr=NO&sz=1024
IP 104.18.25.246:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?id=57155&c=NO&r=03&l=165&b=Firefox&os=Linux&mob=0&v=1.41.7&ref=aHR0cHM6Ly9sNS5zdWF1cmwuY29tL2U5MWU1YQ%3D%3D&ruri=&iv=-1&ctr=NO&sz=1024 HTTP/1.1
Host: call.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d08c46e49430b41-OSL
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 239 B URL GET HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 4cbdf02143f16bb55139b921c8c077f2
443bee786097ea654ea1c68a11ff652d4cb50254
76e078e63de27f4d817bfa5d7d984826b6a2157a55bd564cd23f9878070a470f
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://l5.suaurl.com
set-cookie: zc=8241f394-7c42-4b5c-74ef-254e1619d9cd; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%C2%21x%AA%87%0F%BBR%AEU%B9%B5%9FqKa%5D7%3D%A8%9C%BB%F2W%3AM%97%0A%19%F7%CC%3C%ED%D7%EA%B9m%08kC%FB%7D%E6%D0v%CF%B4%81%F7%9D%99%B8%F18%E9-6%0D%EE%9F%E6Uz%28%AEh%40%9E%8B%5E%0F0%FDj%F9%C6%F5%C8%88q%B7P%DD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d08c46ccc84b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/cmp/v2/vendor-list.json
54.230.111.74200 OK 552 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/vendor-list.json
IP 54.230.111.74:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1068)
Size 552 kB (551799 bytes)
Hash fc2ec65f9cf17067ac2746e0e0bade13
69afc8f20a993f956a487d73fb8ae5bf0eca8504
a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35
GET /cmp/v2/vendor-list.json HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l5.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Thu, 01 Jun 2023 12:25:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 19 May 2023 08:47:37 GMT
etag: W/"fc2ec65f9cf17067ac2746e0e0bade13"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604802
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KbXUjV-uU_oNz3kNJJHlaD3tkylxvSMkUQffxMWUYjAtEY-dJHneqw==
age: 13941
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
185.76.9.24200 OK 567 kB URL GET HTTP/2 ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
IP 185.76.9.24:443
ASN #60068 Datacamp Limited
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type ASCII text, with very long lines (64219)
Size 567 kB (567176 bytes)
Hash d9f3b5754080949608464a92374aed3f
92e405f9c0e6eb9ea28028c440c24122104e81df
bf9d426bddf1549d939f6c2f6cade58dc46016eddb50a828a5cb918a6027223a
GET /moneybid7_44/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l5.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 16:17:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 18 May 2023 19:09:28 GMT
expires: Fri, 02 Jun 2023 04:04:12 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRQsIj3/36sAAA
x-77-nzt-ray: af585630f9879c519bc47864ef2e9f12
x-accel-expires: @1685678652
x-accel-date: 1685592252
x-cache: HIT
x-age: 43999
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/cmp/v2/cmp-3.7.0.min.js
54.230.111.74200 OK 709 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/cmp-3.7.0.min.js
IP 54.230.111.74:443
Requested by https://l5.suaurl.com/e91e5a
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Size 709 kB (709448 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmp/v2/cmp-3.7.0.min.js HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 20 Feb 2023 09:42:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Jun 2023 09:47:24 GMT
cache-control: public, max-age=360000000
etag: W/"48a5b65b05ae0f4e57e237d6c10b993c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BGdnXxz9WH1kJj86OUjbdzVgJvsyazhsdI-SNGhmC41TZtM-XJ4fWg==
age: 23411
X-Firefox-Spdy: h2