104.243.45.202302 Found 100 B URL User Request GET HTTP/1.1 IP 104.243.45.202:443
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type HTML document, ASCII text, with no line terminators
Hash 7fd4cabe43654d827670600f24a556e9
212d7ead7013e9e6ee91fceca23467dd0108f11b
54fc07884922c37710d975ace7f6e413500f4b0225eff4b3e2a25aa68473f6c2
GET /20ea47 HTTP/1.1
Host: suaads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 100
Connection: keep-alive
X-Powered-By: Express
Location: https://l3.suaurl.com/20ea47
Vary: Accept
104.243.45.202200 OK 6.9 kB URL User Request GET HTTP/1.1 IP 104.243.45.202:443
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0aec07f0afdb3ffbe33bf58280a1ed53
626ee6e9504a007729747a37d325c97bf26f2a1d
765c373088724f3d30c312a756d5367bb1642c6473135432a8eb1c14733bfdec
GET /20ea47 HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"579c-Ym7m6VBKAHcpdHo30yXJe/JvKh0"
Set-Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw; Path=/; Expires=Mon, 29 May 2023 21:08:10 GMT; HttpOnly
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d064cee448396618dd3b4e91c8ff9bd1
4e32647996abca8dfea7bcfb43b0655a3e597650
62330fac13ae462bab4a742d9aa76d8bb8aa06d3d68b3b49072ce5a2953ba9cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
IP 142.250.74.131:0
Hash b156f2a1352560d12aa9fce11c606d52
0a99bfbd27a7a4221caa3ebbb50bf0ffb731228c
a0d1952f042423a9efbb2b2d9fbf4a593162cccdcadb63b7690d2f631c7e03b5
POST /s/gts1d4/UrAfP9jR1p4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.132200 OK 556 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash df783ce1aff114831a54f9f75f41f66c
33148dcdac51d1a72787969900203bc0316ff82f
f75b96abf98a7f4874b54f268b85ba2b2fa261741afa891097537bcfa1e73fd3
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Mon, 29 May 2023 20:53:11 GMT
date: Mon, 29 May 2023 20:53:11 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-162979965-1
142.250.74.168200 OK 64 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-162979965-1
IP 142.250.74.168:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (4372)
Hash 266d0f8c446fdc3332a8c8c1e495bb97
79906d9fa21c4d4dc3f446212b0d1a8fbb8b44c8
724e99a1b32cb785cae9d008a2e5b65fe862fce8b355ce33ab0ea1b510d28804
GET /gtag/js?id=UA-162979965-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 May 2023 20:53:11 GMT
expires: Mon, 29 May 2023 20:53:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 May 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
l3.suaurl.com/vendor/fontawesome-free/css/all.min.css
104.243.45.202200 OK 59 kB URL GET HTTP/1.1 l3.suaurl.com/vendor/fontawesome-free/css/all.min.css
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (58749)
Hash 870dbf9e3d22ee9d7cd21acc620e107b
61e37af38389d10e3ec44b0f5f05b10978c23768
d9716994f96b14296dd1b21d3e0a73f07ee88e7935d07ebdc51a9df7eb934a10
GET /vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 58935
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"e637-187ba442e9d"
l3.suaurl.com/css/simple-sidebar.css
104.243.45.202200 OK 964 B URL GET HTTP/1.1 l3.suaurl.com/css/simple-sidebar.css
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
Hash c7ac0e8149580cdd6b0815f4c213335f
4a51b8f512d3da05f12e2fee19c14b495dbb468d
bbadf10b8cc33816c6a775307b34a90240588e0709d2e2fa2f76ba772e5b0550
GET /css/simple-sidebar.css HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 964
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"3c4-187ba442e91"
l3.suaurl.com/css/custom.css
104.243.45.202200 OK 6.7 kB URL GET HTTP/1.1 l3.suaurl.com/css/custom.css
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 60fc0009e2b1f35b70af8f0dc4b6d25b
021675a93d81d08ff41198debbfa926c7ab73465
7c28935555587f3cb234c1ce50fa5400ebf9641e56b26657b38ed041635092cf
GET /css/custom.css HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 6684
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"1a1c-187ba442e91"
l3.suaurl.com/css/preloaderbar.css
104.243.45.202200 OK 519 B URL GET HTTP/1.1 l3.suaurl.com/css/preloaderbar.css
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3728118b9d522cff3852c391151bf568
1028b42380ac3d56e6a982991486091c6f0ad5e1
1fd8a67ed214bddc0125833ebc7b0f2302d8606cb57bdf697fe1c6ebba8e7ce4
GET /css/preloaderbar.css HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 519
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"207-187ba442e91"
api.nobeta.com.br/nobetaads&id=suaurl.inter
35.244.156.216200 OK 42 B URL GET HTTP/2 api.nobeta.com.br/nobetaads&id=suaurl.inter
IP 35.244.156.216:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subjectapi.nobeta.com.br
Fingerprint9F:22:0D:38:E2:E5:E1:8B:26:BA:3A:82:F6:69:A2:0D:DA:B9:76:7E
ValidityMon, 22 May 2023 13:14:21 GMT - Sun, 20 Aug 2023 14:07:15 GMT
File type ASCII text, with no line terminators
Hash 11831a201b470ec37b74e8a5f2fe09dc
052cc185172df1744d5069513bf7e8f5cb92dfc1
10efdae0f55e6bd7e73d0a43d1eb4764c67e1e3a14dc1f5e512887ebd0eb4ae1
GET /nobetaads&id=suaurl.inter HTTP/1.1
Host: api.nobeta.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:11 GMT
server: Apache/2.4.29 (Ubuntu)
cache-control: public, max-age=604800
last-modified: Wed, 12 Apr 2023 19:12:22 GMT
content-length: 42
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
suaads.com/peel1-ad-300x250.js
104.243.45.202200 OK 1.3 kB URL GET HTTP/1.1 suaads.com/peel1-ad-300x250.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Unicode text, UTF-8 text, with very long lines (571), with CRLF line terminators
Hash 17ab628dd70372be5ca3a1900d3d3b5c
c787ee1ad8522f7cc773b022ec23e03e2813c637
f35146e2c1d7e6170bb172f91dd891e4c4b85df05713f19a0e045edbad78fe33
GET /peel1-ad-300x250.js HTTP/1.1
Host: suaads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1279
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 26 Feb 2023 02:10:16 GMT
ETag: W/"4ff-1868b7c2b40"
l3.suaurl.com/vendor/jquery-easing/jquery.easing.min.js
104.243.45.202200 OK 2.5 kB URL GET HTTP/1.1 l3.suaurl.com/vendor/jquery-easing/jquery.easing.min.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (2532), with no line terminators
Hash e2d41e5c8fed838d9014fea53d45ce75
bde98133f735398b27339c423a817e755329f7d1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
GET /vendor/jquery-easing/jquery.easing.min.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2532
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"9e4-187ba442eb5"
l3.suaurl.com/js/sb-admin-2.min.js
104.243.45.202200 OK 1.2 kB URL GET HTTP/1.1 l3.suaurl.com/js/sb-admin-2.min.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (969)
Hash c6e5141bdef9fc24ce5578c2fe880380
96bfe47e21f710ccac32422add05d7780ba91e46
56e52d69caae577f69c8612dd121147c5ade8c05e23bb490f27d13e010727c50
GET /js/sb-admin-2.min.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1207
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"4b7-187ba442e95"
l3.suaurl.com/js/custom.js
104.243.45.202200 OK 968 B URL GET HTTP/1.1 l3.suaurl.com/js/custom.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (371), with CRLF line terminators
Hash fac06bfe1a8405c65a01001f746ff0e1
514f4780b2296b46f342ba1e111c8b795c149d3a
4239d03ea5fb4426c2cba9a8ea90b23d75aadd8fc51cd1b4d8068923757cc875
GET /js/custom.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 968
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"3c8-187ba442e95"
l3.suaurl.com/vendor/bootstrap/js/bootstrap.bundle.min.js
104.243.45.202200 OK 81 kB URL GET HTTP/1.1 l3.suaurl.com/vendor/bootstrap/js/bootstrap.bundle.min.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65297)
Hash 7fd2f04e75bd7ab1a79d80cdd4c33085
e02a14457b25e6df2568b772feab4387c00a4934
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
GET /vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 81084
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"13cbc-187ba442e99"
l3.suaurl.com/js/capcha.js
104.243.45.202200 OK 3.5 kB URL GET HTTP/1.1 l3.suaurl.com/js/capcha.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Unicode text, UTF-8 text, with very long lines (3040), with CRLF line terminators
Hash 505a0953b66a5288b5e9e8a241a74868
af07e310f33ad6f94bb15cb0f0ebec0cee0baa2e
5b0dc65f0f57740aaf6d8fb206fede0506a5ad47dd1698c049cc3f3945eaac6a
GET /js/capcha.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 3456
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"d80-187ba442e95"
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/gen.js?type=19
185.76.9.23 3.2 kB URL GET ads.themoneytizer.com/s/gen.js?type=19
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash 614f24941305a92ea36bf14ca5aa2d7e
580f2edb5adbdecd1f78d69179d749f7ba6f6c42
15ae2cb1e6c5f848312a682b1573492d0e1c6fb05e5608858e0b332f64ae7b90
GET /s/gen.js?type=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRRDszj/P+wAAA
x-77-nzt-ray: af5856304fb6f62ab71075644afc4020
x-accel-expires: @1685937912
x-accel-date: 1685333112
x-cache: HIT
x-age: 60479
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
l3.suaurl.com/vendor/jquery/jquery.min.js
104.243.45.202200 OK 90 kB URL GET HTTP/1.1 l3.suaurl.com/vendor/jquery/jquery.min.js
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /vendor/jquery/jquery.min.js HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 89476
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"15d84-187ba442eb5"
l3.suaurl.com/css/sb-admin-2.min.css
104.243.45.202200 OK 169 kB URL GET HTTP/1.1 l3.suaurl.com/css/sb-admin-2.min.css
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type ASCII text, with very long lines (65088)
Size 169 kB (169306 bytes)
Hash 8e4e6a8bdaa4468bed2cfb9aaf1cc5bd
4ff8cd5fa9ecb0bc904f3119680af9459bf12951
00541c2eb2c72c1c58dae8ae4a9d576ee1aa53edb548da98d573a88cf57cea31
GET /css/sb-admin-2.min.css HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:11 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 169306
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"2955a-187ba442e91"
ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
142.250.74.131 471 B URL ocsp.pki.goog/s/gts1d4/UrAfP9jR1p4
IP 142.250.74.131:0
Hash b156f2a1352560d12aa9fce11c606d52
0a99bfbd27a7a4221caa3ebbb50bf0ffb731228c
a0d1952f042423a9efbb2b2d9fbf4a593162cccdcadb63b7690d2f631c7e03b5
POST /s/gts1d4/UrAfP9jR1p4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 21 kB URL GET HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (50946), with NEL line terminators
Hash f5c0fe44bf0b4b64558ae041c2f1f7c4
d51a642bf4440bf3bea2e9f7b3b92de595d8d7ab
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript
cache-control: public, max-age=21600
cf-bgj: minify
cf-polished: origSize=62056
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.shoppinglifestyle.com
expires: Mon, 29 May 2023 21:47:24 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 18348
server: cloudflare
cf-ray: 7cf1a0203bc10b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.23200 OK 17 kB URL GET HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.23:443
ASN #60068 Datacamp Limited
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Hash 985dc1d599c49a2d9a4fc8cef3509102
c4415659b7dd24548887ac03ed99fddc3977225f
45ddbaa846b0fad2292ad4c7bce07071dbed6e2aa45ecdae6421822ad8e8dc14
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Tue, 30 May 2023 04:05:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRTVauP/QuwAAA
x-77-nzt-ray: af5856304fb6f62ab81075643dae6010
x-accel-expires: @1685419510
x-accel-date: 1685333110
x-cache: HIT
x-age: 60482
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
185.76.9.23200 OK 184 kB URL GET HTTP/2 ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
IP 185.76.9.23:443
ASN #60068 Datacamp Limited
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
File type gzip compressed data, from Unix\012- data
Size 184 kB (184346 bytes)
Hash 701aba2785a053fe82dc52de45d46773
1f28e0ae37857f412f04c41c3f6dc0e563c1e153
fa2c1f9597dd31fef31b8ccd508e056fcd10e8e50af1c5a21281878fd0072f4b
GET /moneybid7_44/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 18 May 2023 19:09:28 GMT
expires: Tue, 30 May 2023 04:05:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
server: CDN77-Turbo
x-77-nzt: AblMCRQKtaX/QuwAAA
x-77-nzt-ray: af5856304fb6f62ab810756420558515
x-accel-expires: @1685419510
x-accel-date: 1685333110
x-cache: HIT
x-age: 60482
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 16:35:19 GMT
expires: Thu, 23 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 447473
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 281 B IP 104.18.14.101:0
Hash 7ac2ce54cfc68827cc204b8a766d1b68
37af42b62a364dec73404557b31f4c58f9d08496
f8a9fdbad361a231a93a343e73afa0ee658ed9e360805f108b07ba9ce953e61d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 20:53:12 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 16:43:58 GMT
Expires: Sun, 04 Jun 2023 16:43:57 GMT
Etag: "37af42b62a364dec73404557b31f4c58f9d08496"
Cache-Control: max-age=503866,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf1a0210887b4f3-OSL
www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
142.250.74.168200 OK 46 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
IP 142.250.74.168:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (9671)
Hash 83d3a5604951f69e1316206d80077e8b
a4ae97aa529e9f8c6e7b63537d4ac10398069fec
28f542bdfc91b9af5370b2930d5a74d63f18afd9011517434c69e31ad199c75f
GET /gtm.js?id=GTM-PC2RG39 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 May 2023 20:53:12 GMT
expires: Mon, 29 May 2023 20:53:12 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 May 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c.tmyzer.com/c/?s=48659&f=3&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=3&fi=99
IP 54.38.64.100:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=3&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Mon, 29 May 2023 20:53:12 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:9E4D_36264064:01BB_647510B8_25F0D00:2B2B5
x-iplb-instance: 20687
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL GET HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 16:35:19 GMT
expires: Thu, 23 May 2024 16:35:19 GMT
cache-control: public, max-age=31536000
age: 447473
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cmp.optad360.io/items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js
54.230.111.24200 OK 73 kB URL GET HTTP/2 cmp.optad360.io/items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js
IP 54.230.111.24:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 03ea4bff6e3260d734478be250818b0a
078d1c575433ec66600e69fc8ee2fe72329e7511
93fe95d6eea3ac321108b8f4aaafe638aef5cd5be4b5460bd1f64ee181799b21
GET /items/300d3285-f4f8-41c1-8646-51e981aaafa7.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 25 May 2023 19:53:07 GMT
last-modified: Wed, 15 Mar 2023 12:14:26 GMT
etag: W/"03ea4bff6e3260d734478be250818b0a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c7jP0B98Wp5lk4NEOkFWTDUxYG4e6fUX0i1cZJvewUhWzLwXoJ8gHg==
age: 349205
X-Firefox-Spdy: h2
l3.suaurl.com/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
104.243.45.202200 OK 80 kB URL GET HTTP/1.1 l3.suaurl.com/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type Web Open Font Format (Version 2), TrueType, length 80328, version 331.589\012- data
Hash 412a43d6840addd683665ec12c30f810
f3be6605dbff23cf22ec3abddd1141a81a99e3aa
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc
GET /vendor/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/vendor/fontawesome-free/css/all.min.css
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:12 GMT
Content-Type: font/woff2
Content-Length: 80328
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"139c8-187ba442eb5"
c.tmyzer.com/c/?s=48659&f=19&fi=99
54.38.64.100200 OK 0 B URL GET HTTP/1.1 c.tmyzer.com/c/?s=48659&f=19&fi=99
IP 54.38.64.100:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectc.tmyzer.com
Fingerprint34:B1:54:5C:5B:09:87:82:2E:95:C0:AF:8A:F9:4B:39:8F:DF:95:E8
ValidityThu, 25 May 2023 04:03:32 GMT - Wed, 23 Aug 2023 04:03:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=48659&f=19&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx
date: Mon, 29 May 2023 20:53:12 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:5256_36264064:01BB_647510B8_25FD415:18342
x-iplb-instance: 38436
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash ec7f29c6da989e5999d8d143175dc59b
997010332b19580aee52766dc89fd2c92de513d8
d0a9f49cc5560cd357b446ffb1827f2aae9d26f492cdb57bf762d933a2231db8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 20:53:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 08:45:24 GMT
Expires: Sun, 04 Jun 2023 08:45:23 GMT
Etag: "997010332b19580aee52766dc89fd2c92de513d8"
Cache-Control: max-age=475748,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf1a021ea26b4f3-OSL
l3.suaurl.com/img/ads.png
104.243.45.202200 OK 4.0 kB URL GET HTTP/1.1 l3.suaurl.com/img/ads.png
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type PNG image data, 303 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 10d62b67880d34297406e261c48cb930
605880a5522df57d1d712bd54dd3737a4ed8fe11
5e988860df08c118fa9df4f704536caf1bd0bd497ff318e1fd403dfebf84be61
GET /img/ads.png HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw; ztestc=Ik1vbiBNYXkgMjkgMjAyMyAyMDo1MzoxMiBHTVQrMDAwMCAoQ29vcmRpbmF0ZWQgVW5pdmVyc2FsIFRpbWUpIg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:12 GMT
Content-Type: image/png
Content-Length: 4006
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"fa6-187ba442e95"
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c
142.250.74.168200 OK 76 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (5858)
Hash f46f8563679be4bda6150f63fc74822d
01e2a57759b4efa89372a83fd42c17f14c0f4829
284ca5afd58c0820bc9b3872c2b07003d3d76e2f084d1e1033f52cba2a3c9b63
GET /gtag/js?id=G-C528SSEPW2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 May 2023 20:53:12 GMT
expires: Mon, 29 May 2023 20:53:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
optad360.mgr.consensu.org/icons/branding-ads.svg
54.230.111.126200 OK 49 kB URL GET HTTP/2 optad360.mgr.consensu.org/icons/branding-ads.svg
IP 54.230.111.126:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 82e9b70c893ec972e4f15dcecfe8e0e0
f9a984d9a573d628e9e64cdc080a4bf317d4fcfc
88d8c76032c1189795cd16b500ecc13fa75880f15075aad4d862277868612829
GET /icons/branding-ads.svg HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 29 May 2023 00:33:26 GMT
cache-control: public, max-age=360000000
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Ta01O9iBuSPlS3wqop6KKX51wJodDD59TxXPjx6QvtFCFVFBJsBew==
age: 73187
X-Firefox-Spdy: h2
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
54.230.245.166200 OK 26 kB URL GET HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 54.230.245.166:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sun, 28 May 2023 21:29:11 GMT
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WfpkkeUCBAhXEryzIJWHfQrVCUtjUUqCtHqkdfP__dFtD3cVve-SmA==
Age: 84243
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 594224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ec987a0d97e1f0d4d930dc81e50190f7
d549668e175141bd2dc34c35128a01fa0e7c42d3
74aca11f5b107cae5ee6479b263e7fbb54682ede8059252a6dbdb549e5d30b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
54.230.111.126200 OK 15 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
IP 54.230.111.126:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 69c0eda83c5db75fb4f7f4ed68519bac
349a13c0a7e07f26539056e8f59983f198207ae4
54aefe278a62b7837241f36368c996694518403a88a5a671ce6c8106db56a532
GET /cmp/v2/translations/v4/en.json HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 29 May 2023 09:55:34 GMT
cache-control: public, max-age=360000000
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vDTG-zLNRMxPoORth7nz19D06CGIV0_4IRRK-6WIVCfTwe6W_fHSRQ==
age: 39459
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 0 B URL HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint4D:38:FE:62:28:C3:2C:26:D3:E4:2A:D2:FD:07:5A:0E:7D:C6:AD:7C
ValidityMon, 08 May 2023 08:20:04 GMT - Mon, 31 Jul 2023 08:20:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l3.suaurl.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 May 2023 20:53:13 GMT
expires: Mon, 29 May 2023 20:53:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11262472095113119367
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230529
151.101.129.229200 OK 851 B URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230529
IP 151.101.129.229:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type JSON data\012- , ASCII text, with very long lines (1600), with no line terminators
Hash 4f72aee759186d297babfa11a20edd49
27f6c388c9800e16ce4742b8e9fd417ec7f1b324
5547ccd000f55d51916dde9e7ba9e0c34b77445032d345abdfdbb25cc3d0b337
GET /gh/prebid/currency-file@1/latest.json?date=20230529 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1706
x-jsd-version-type: version
etag: W/"640-J/bDiMmADhbOR0K46f1BfsfxsyQ"
content-encoding: br
accept-ranges: bytes
date: Mon, 29 May 2023 20:53:13 GMT
age: 17550
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 851
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ec987a0d97e1f0d4d930dc81e50190f7
d549668e175141bd2dc34c35128a01fa0e7c42d3
74aca11f5b107cae5ee6479b263e7fbb54682ede8059252a6dbdb549e5d30b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 20:53:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 38335e775050fb0564a3dbf444ba6c33
90a5048f22ee5507f48395a0f69cc47ae4f475be
f64e01ed65dc29f4fb9af75c627887e7d032d17233f30cfcfb6a9cd35ab4814e
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 20:53:13 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1507E32597F8B07EBB2F3B60EFB97A09A6631ECB"
Expires: Tue, 30 May 2023 07:00:00 GMT
Last-Modified: Mon, 29 May 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3192
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cf1a026cb24b50f-OSL
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
142.250.74.132200 OK 29 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
IP 142.250.74.132:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43954)
Hash b283bf133f25ede399bd76e59a17cc0c
68157287f8f6059d92827d449a396576ad198139
1f233b7f05b4e073c5269effa43a67fd8fc527d422ed52953d15088af36b2450
GET /recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 20:53:13 GMT
content-security-policy: script-src 'nonce-ssKj_b4Q52z1Z49nN_2yeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28749
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
call.cleverwebserver.com/?id=57155&c=NO&r=03&l=259&b=Firefox&os=Linux&mob=0&v=1.34.7&ref=aHR0cHM6Ly9sMy5zdWF1cmwuY29tLzIwZWE0Nw%3D%3D&ruri=&iv=-1&ctr=NO
104.18.25.246200 OK 43 B URL GET HTTP/2 call.cleverwebserver.com/?id=57155&c=NO&r=03&l=259&b=Firefox&os=Linux&mob=0&v=1.34.7&ref=aHR0cHM6Ly9sMy5zdWF1cmwuY29tLzIwZWE0Nw%3D%3D&ruri=&iv=-1&ctr=NO
IP 104.18.25.246:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?id=57155&c=NO&r=03&l=259&b=Firefox&os=Linux&mob=0&v=1.34.7&ref=aHR0cHM6Ly9sMy5zdWF1cmwuY29tLzIwZWE0Nw%3D%3D&ruri=&iv=-1&ctr=NO HTTP/1.1
Host: call.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:13 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf1a026eb0bb503-OSL
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.138200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.138:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32034)
Hash d0212568ce69457081dacf84e327fa5c
d6702a1af0378b2342f6a0692e77c169f580aed7
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 20:59:58 GMT
expires: Sun, 26 May 2024 20:59:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 172395
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:55:34 GMT
expires: Tue, 21 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
age: 593859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 594224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ad-delivery.net/px.gif?ch=1&e=0.8725843119045845
172.67.69.19200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.8725843119045845
IP 172.67.69.19:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.8725843119045845 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:13 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduMK75IJMJXhB4y2IDzyAp1ME52Jl3cWMF9oBGWS_oGnU8_4qwtTKVHSk2oQ9k9ARBJ-_dX2e0ZHRyoLVrXTL0mWO2iy0KW
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Thu, 25 May 2023 18:49:56 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 356597
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXPS1bexMW49N2o%2FT52oobrj8lKQevJZ30%2BXFrTFE4K95sEID%2Bx2ZubItNCx6orOJ%2BOTsuVQAt28fRlj4x5PCdCuS%2F5U9S0%2FnkiepuLBvLeSOGVYcvMBUa94czKjacHMqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf1a028eea6fac0-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
172.67.69.19200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP 172.67.69.19:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:13 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduMK75IJMJXhB4y2IDzyAp1ME52Jl3cWMF9oBGWS_oGnU8_4qwtTKVHSk2oQ9k9ARBJ-_dX2e0ZHRyoLVrXTL0mWO2iy0KW
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Thu, 25 May 2023 18:49:56 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 356597
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2ee9spuaJZMJENAisEZkgY3SJXFctuMyxm0scbN0QN4MF11Oz0MtIdXdHmb8MmAI6spkqUnXNidtnXZRW%2B92iMu0lpA4%2BddbCgMTj6pyZUdV3PJsuva1BTEK%2BRv5wbg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf1a028eeaffac0-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 21:48:58 GMT
expires: Mon, 29 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 601455
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 530502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
142.250.74.132200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with no line terminators
Hash ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95
GET /recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Mon, 29 May 2023 20:53:14 GMT
date: Mon, 29 May 2023 20:53:14 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 594225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 4ca792588c986dd2f257c61e503e29f4
aff470d21b677e19d4219013d04207177b48b8e1
cbbeb6563368bf867a8acbb3b0cea2f7fcf3f4426a2721dfaed2fbbf87ed806d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Mon, 29 May 2023 20:53:14 GMT
Last-Modified: Mon, 29 May 2023 20:46:18 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kYQnztiSfk8HocvPelDNooLxauJxEUQqNcRtQivxVRl4YajOf2Kbog==
Age: 416
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
52.30.41.49200 OK 20 B URL GET HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 52.30.41.49:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subject*.adleadevent.com
Fingerprint65:80:33:93:C0:64:B8:15:CE:E4:57:0F:89:95:9E:E2:41:29:DC:0F
ValidityMon, 13 Feb 2023 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://l3.suaurl.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Mon, 29 May 2023 20:53:14 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 29 May 2023 20:53:14 GMT
Pragma: no-cache
Server: Apache
Set-Cookie: AWSELB=9FC54D150466C174912E5199B1F8E822A79961F45959205F48155F06FB9BD61C957639C62B5256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0;PATH=/
AWSELBCORS=9FC54D150466C174912E5199B1F8E822A79961F45959205F48155F06FB9BD61C957639C62B5256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0;PATH=/;SECURE;SAMESITE=None
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
www.google.com/recaptcha/api2/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3
142.250.74.132200 OK 1.2 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3
IP 142.250.74.132:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6afeb1611c00ab97ba576f090326ef15
4956970547a6d383df29f4576ec498e543bd5032
661ac32768861e68f641d84efd754e336c98b7fcae7b0d4e225974c0af03d547
GET /recaptcha/api2/bframe?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 May 2023 20:53:14 GMT
content-security-policy: script-src 'nonce-ANq_euB3DebNiMWOVM2AOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1151
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcpPLoUAAAAALs3DT266inZ2dzudIP_bwoTpPL3&co=aHR0cHM6Ly9sMy5zdWF1cmwuY29tOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=normal&cb=cw72btfhgtqx
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:55:34 GMT
expires: Tue, 21 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
age: 593860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 23:49:29 GMT
expires: Tue, 21 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 594225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1685393591893
51.89.9.253204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1685393591893
IP 51.89.9.253:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1685393591893 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ad.a-ads.com/2204752?size=300x250
176.9.77.232200 OK 13 kB URL GET HTTP/2 ad.a-ads.com/2204752?size=300x250
IP 176.9.77.232:443
ASN #24940 Hetzner Online GmbH
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash ddb0907e371625e38e7bda1401737332
d540f2b0d85be3e1d561d649a506304da64adcc4
294a23eaaa698a0f448b2b2d7e07f3aa001d981ad9e506bc90eb2fda44e98a5b
GET /2204752?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 20:53:12 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://l3.suaurl.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
104.18.25.246200 OK 135 kB URL GET HTTP/2 scripts.cleverwebserver.com/8a6f7bff61eadc7c53c8a91cbc98b656.js
IP 104.18.25.246:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
Size 135 kB (135403 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8a6f7bff61eadc7c53c8a91cbc98b656.js HTTP/1.1
Host: scripts.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript
x-amz-id-2: xaD8xMamQycYx9LNsYqF2g3zjzQTNBw/HSst4c7TmZLgutJBmZX5zlh3DksgUdT02wvSm4hG7jg=
x-amz-request-id: KB2PPMWDMK0RKRBX
last-modified: Fri, 12 May 2023 15:01:37 GMT
x-amz-version-id: xIGR492TMZn16iT2IERavQY6d2j6hY7h
etag: W/"bdc73e7607e97dd9034405d3903ffb1a"
cf-cache-status: HIT
expires: Mon, 29 May 2023 21:23:12 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf1a021f988b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
l3.suaurl.com/img/faicon.png
104.243.45.202200 OK 14 kB URL GET HTTP/1.1 l3.suaurl.com/img/faicon.png
IP 104.243.45.202:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subjectonfilex.com
FingerprintD0:88:B4:22:63:3E:9B:BE:3C:54:DD:EC:50:13:4E:16:55:75:2D:62
ValiditySat, 27 May 2023 07:59:59 GMT - Fri, 25 Aug 2023 07:59:58 GMT
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 00966e069b8d4fc3fa979a6b61a6ce28
03b27f044fbf1ccfbd38c06958766b3b4d5cc1aa
e657b17aaf6e31e684fa251710929bbf83fc0245d6c0a8dc69d2a13d2430f87e
GET /img/faicon.png HTTP/1.1
Host: l3.suaurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/20ea47
Cookie: connect.sid=s%3AueWTCAnfO5IESQNDscN_EAeAFPrQacJJ.UGlvcsYTEppwN9i1leiLLNdK9TC4MuJ%2BB3Fruiz1EFw; _ga_C528SSEPW2=GS1.1.1685393592.1.0.1685393592.0.0.0; _ga=GA1.1.1369661881.1685393593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 May 2023 20:53:13 GMT
Content-Type: image/png
Content-Length: 13715
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 25 Apr 2023 21:14:03 GMT
ETag: W/"3593-187ba442e95"
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=19
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=19
IP 0.0.0.0:0
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=48659&formatId=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRT9yd7/KOIAAA
x-77-nzt-ray: af5856304fb6f62ab710756496e80420
x-accel-expires: @1685940495
x-accel-date: 1685335695
x-cache: HIT
x-age: 57896
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/cmp/v2/vendor-list.json
54.230.111.126200 OK 552 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/vendor-list.json
IP 54.230.111.126:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1068)
Size 552 kB (551799 bytes)
Hash fc2ec65f9cf17067ac2746e0e0bade13
69afc8f20a993f956a487d73fb8ae5bf0eca8504
a21b20c52fbc7ca1897d496862d422e5ce453e50d57d0defda0af7e09c904d35
GET /cmp/v2/vendor-list.json HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 19 May 2023 08:47:37 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 29 May 2023 09:55:49 GMT
cache-control: public, max-age=604802
etag: W/"fc2ec65f9cf17067ac2746e0e0bade13"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rMm8cWF_J6FewH2tyDFKOw6TKGKGM0JXsSXjrEQU8LYBAdAQS_8iJw==
age: 39445
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=3
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/requestform.js?siteId=48659&formatId=3
IP 0.0.0.0:0
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/requestform.js?siteId=48659&formatId=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRSyQHz/KOIAAA
x-77-nzt-ray: af5856304fb6f62ab71075645cffc820
x-accel-expires: @1685940495
x-accel-date: 1685335695
x-cache: HIT
x-age: 57896
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 239 B URL GET HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:56:4D:4F:0A:90:47:5B:07:F8:ED:CD:91:23:F7:D5:B3:86:F0:26
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 339a7252f1c78ae2b4b67f0c086549c1
41a6ba76fe88ff0a624ed8907d1da0a0ac2698d9
b57ad78976d81460b0e2a9709d787ca77c02f593820b6753dd68c353bbc936b8
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l3.suaurl.com
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://l3.suaurl.com
set-cookie: zc=9ba39362-92eb-49c9-782a-b4ca22cabda0; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=S%5D%A6j%96%0DR%1D%0CT%97~b+%28U%5C%EC%97%E3%CBb%AD2%2F%0B%25%A6%C6%2A%17%E8%BB%8B%EA%A0J%40%C7%09B%D7%05%AF%BB%86%CBEI%DE%40%A7%3F%94U%F2%89%DF%84%AF%8B%21%7B%96%C9%C5%26%E3%DF%D3%B4%AF%03LJS%A7%7F0%08%DB%C6%9D; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf1a022aee90b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
p.cpx.to/p/12763/px.js
99.80.114.47200 OK 3.5 kB IP 99.80.114.47:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerSectigo Limited
Subjectp.cpx.to
FingerprintB7:D4:04:01:07:C8:6E:F6:F4:A7:B7:F7:0A:5D:BE:2E:A4:E2:2D:D7
ValidityThu, 12 Jan 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (3561), with no line terminators
Hash f5cae0d869071cb7b0e50aa5f5453d49
7bbcf5cb29b4700cbabecb35082de7574fd60fa3
856cfba766defd69b2c65f12fc5631c93e36baa531d52c2d045850e127354bf8
GET /p/12763/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=2419200, public
X-Firefox-Spdy: h2
ui.cleverwebserver.com/
104.18.25.246200 OK 161 B IP 104.18.25.246:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1c5b7062e77b9e47c21083e7ab473b03
f179707d6798c186380847e541a0807a1df441c9
00fba9df15285a2f2d65aa2e77c05f8cc6c63dff5f4c10bc1b3fd799b49f1c48
GET / HTTP/1.1
Host: ui.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:13 GMT
content-type: application/javascript
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cf1a0245e8bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
scripts.cleverwebserver.com/e6de69552960e2a2af8c824b52374b0e.js
104.18.25.246200 OK 130 kB URL GET HTTP/2 scripts.cleverwebserver.com/e6de69552960e2a2af8c824b52374b0e.js
IP 104.18.25.246:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectcleverwebserver.com
FingerprintEF:45:E2:48:2B:D0:01:F7:D5:BB:45:23:DB:C5:3E:C4:E1:20:13:EC
ValidityTue, 06 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT
Size 130 kB (130065 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e6de69552960e2a2af8c824b52374b0e.js HTTP/1.1
Host: scripts.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:12 GMT
content-type: application/javascript
x-amz-id-2: R1BDZvZHVep20yFud14krUbIHC6G0cXQKCTvRnkD1pGLotTmxpxUYN9BUD2G1GPaM7XkleiTgr8=
x-amz-request-id: KB2NYNXWJ7BMX87M
last-modified: Wed, 18 Jan 2023 04:11:30 GMT
x-amz-version-id: V1GUVL6K2U2OQ_IKDXKlG9JyeiGAfVSQ
etag: W/"abd04ec81a68eace3ab60725313dbb2c"
cf-cache-status: HIT
expires: Mon, 29 May 2023 21:23:12 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf1a021f982b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
get.optad360.io/sf/prebid7.17.0.js
54.230.111.124200 OK 504 kB URL GET HTTP/2 get.optad360.io/sf/prebid7.17.0.js
IP 54.230.111.124:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (64496)
Size 504 kB (504152 bytes)
Hash 840fa482840c0b1f014b3c14f6e0ab2e
c9746910146e09cd4d64d5183a61ba7bdf0161ae
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
GET /sf/prebid7.17.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 12 May 2023 20:07:03 GMT
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v-_Ar0XGK9BuTNK2IlrfEpoiC9eOc_TzbdsHX0NxZiU-7CUtvIG42w==
age: 1471570
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
142.250.74.74200 OK 23 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
IP 142.250.74.74:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash 4983678c48c485245f39c2b9cef40888
d3de969b8e60d740a32f4f1e1eb9d0aba79d6e29
efd15ebba9106e78e5786de7ee546178b97d963a2fc21ea0a65c04fb75fb2b9a
GET /css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 May 2023 20:53:11 GMT
date: Mon, 29 May 2023 20:53:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
btloader.com/tag?o=5756097762689024&upapi=true
104.26.6.139200 OK 26 kB URL GET HTTP/2 btloader.com/tag?o=5756097762689024&upapi=true
IP 104.26.6.139:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA8:02:37:24:FE:31:73:D9:E5:C2:16:59:EE:BA:F8:45:83:AB:6A:30
ValidityFri, 05 Aug 2022 00:00:00 GMT - Sat, 05 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (25637)
Hash 961643831b71c2dd99d04b1918b8bdd3
cbc42c3176602e2f3f9321fe8982384843bc68d9
b45fd8aeffdaed80692353477273780f4b93c8301a7345f6c789259bcbfd1b16
GET /tag?o=5756097762689024&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:13 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"a2aa60d32c7aa364cd3af240f998eb81"
last-modified: Mon, 29 May 2023 20:05:05 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuX1IQtVYJSr%2FlgNViE9frR8qG4bHhpk7yF9hoOCimg3nfT02PHiSBgUoyIZL8OWwT9qWKoGJQmpsAk7V9cDeOxxqfFfKg9PlbDxfaSModVp2Jb%2BvP%2BNNqbdcGN9sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf1a0272ceb0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=3
0.0.0.0 0 B URL GET ads.themoneytizer.com/s/gen.js?type=3
IP 0.0.0.0:0
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerLet's Encrypt
Subject1266287590.rsc.cdn77.org
Fingerprint63:1E:82:09:E3:B2:0E:7E:6F:CC:42:29:E6:C2:9C:F2:A6:12:0E:CA
ValidityWed, 10 May 2023 08:47:47 GMT - Tue, 08 Aug 2023 08:47:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/gen.js?type=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 20:53:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRTMg9H/PuwAAA
x-77-nzt-ray: af5856304fb6f62ab710756490477520
x-accel-expires: @1685937913
x-accel-date: 1685333113
x-cache: HIT
x-age: 60478
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/cmp/v2/cmp-3.7.0.min.js
54.230.111.126200 OK 709 kB URL GET HTTP/2 optad360.mgr.consensu.org/cmp/v2/cmp-3.7.0.min.js
IP 54.230.111.126:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subjectoptad360.mgr.consensu.org
Fingerprint8B:C9:3E:15:55:54:9D:7D:D5:33:ED:A1:0C:42:F1:34:C2:8A:B0:0A
ValiditySun, 23 Apr 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Size 709 kB (709448 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmp/v2/cmp-3.7.0.min.js HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 29 May 2023 13:25:29 GMT
last-modified: Mon, 20 Feb 2023 09:42:50 GMT
etag: W/"48a5b65b05ae0f4e57e237d6c10b993c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RGLAE9XjaUQIH9sO1GJ1JErdunbiyCjf7GvUQUAsdoYxPFmYh1pGgw==
age: 26865
X-Firefox-Spdy: h2
get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
54.230.111.124200 OK 272 kB URL GET HTTP/2 get.optad360.io/sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js
IP 54.230.111.124:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerAmazon
Subject*.optad360.io
Fingerprint3F:63:46:F2:3D:9C:21:94:0F:CF:0E:DE:4A:9F:ED:7B:21:E5:77:21
ValidityWed, 01 Mar 2023 00:00:00 GMT - Wed, 15 Nov 2023 23:59:59 GMT
Size 272 kB (272349 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sf/ce3a1978-3c4d-450b-a92e-3f71a52ec219/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 29 May 2023 18:04:18 GMT
last-modified: Wed, 22 Mar 2023 08:02:33 GMT
etag: W/"a412a800809635de9f2b38e92e41cd07"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lMwfM8na6nhmhdElxB__Ae3HkXqdkmwkWa6UU75fxIfjKGmTyyVv5g==
age: 10134
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
142.250.74.168200 OK 123 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-WS7SWNV
IP 142.250.74.168:443
Requested by https://l3.suaurl.com/20ea47
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (12166)
Size 123 kB (122711 bytes)
Hash c0c598354b8833ceb6adb6d23a21bd72
3e30ef2b83cbc7f010f70282766b38968907d01b
e1747513396cffe2900699f7a11fb37048254891684edeba9d5fa1a08b93a832
GET /gtm.js?id=GTM-WS7SWNV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l3.suaurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 May 2023 20:53:13 GMT
expires: Mon, 29 May 2023 20:53:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 May 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000