surl.li/img/surli-logo.svg
104.26.5.19200 OK 133 kB URL GET HTTP/2 surl.li/img/surli-logo.svg
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type SVG Scalable Vector Graphics image
Size 133 kB (133364 bytes)
Hash 482601fd25a8410e0868ce1e178cbaea
79a25cfa623613a31fc7d3813cfa9a223b54b2a8
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/surli-logo.svg HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: W/"66213285-233d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCDabzUfs8yZMLtvL38BNlMRXCzED4uhudwMG0ubTvsRiDrHTaBgoUnJZl8qNOm43%2BfmG%2BGvScSsBUDExqzi4IVuv1q2y4WjXX1hP%2BWVcDMdMm%2F763gYvBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc173976b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/img/pc-rouded-icon.svg
104.26.5.19200 OK 131 kB URL GET HTTP/2 surl.li/img/pc-rouded-icon.svg
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type SVG Scalable Vector Graphics image
Size 131 kB (130809 bytes)
Hash 7005e41f692583c19abac0a7fd5b7c5f
bda49cd99401420d490a32f2f547e4ddd43b7300
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/pc-rouded-icon.svg HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: W/"66213285-4f3e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCOXSd573VO2oe7Os1yfw3Ifu3Ro8%2BdbW5hofdmbPpJjyxFD5LHVZqRItswAgYwT6Z7vZg8WnMmHAZbo0G3HKfsQti28JmDQ2CCiIZyrs6o9O6o2JqkIKV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc173981b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/img/planet-rouded-icon.svg
104.26.5.19200 OK 142 kB URL GET HTTP/2 surl.li/img/planet-rouded-icon.svg
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type SVG Scalable Vector Graphics image
Size 142 kB (141786 bytes)
Hash 7a6de872239474d5c24060e4d6b89bae
9c921e59d96e37770aad1045ba2900e233d5b657
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/planet-rouded-icon.svg HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: W/"66213285-1574"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PONKRBD4SEkyWqY%2FPzbbwmqu%2FeYqyQaqxclwJMSBobx5dbUWzbFUdQDNNokaV90NOy8hg6l3q6YXcoCv0%2B8hlwb%2BBU0%2Bv5a7QjMuHHtazzsIS0tKMXF0%2FsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc174988b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
web-screen.com/img/plug.jpg
104.21.20.132200 OK 14 kB URL GET HTTP/2 web-screen.com/img/plug.jpg
IP 104.21.20.132:443
Certificate IssuerCloudflare, Inc.
Subjectweb-screen.com
FingerprintA2:90:6A:2E:A9:56:79:71:CC:53:5D:F0:D7:0A:ED:BB:54:19:F9:A9
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced
Hash 6448aca5739995f3b9c1b3c5e50ce7a0
f50fa07327f55f864a42698fd8fa86270f35da9b
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
GET /img/plug.jpg HTTP/1.1
Host: web-screen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/jpeg
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lpd%2BtgYkK8U%2BmnjD4EYQUSRq9rqOd1Upiy%2FjKpHwlZzrayojJSjmunOIhLbTrGUeCD0ccaiKVY%2FoNXhheHJ%2ByKzpYXSqw24XqCcQvg3LJ5Ea5uO2JIrKjdOq0JcRVCVPtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc186a8e56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web-screen.com/storage/screenshots/2024/04/a0c80019-63c3-4698-b204-db314e8f73fd.png
104.21.20.132200 OK 67 kB URL GET HTTP/3 web-screen.com/storage/screenshots/2024/04/a0c80019-63c3-4698-b204-db314e8f73fd.png
IP 104.21.20.132:443
Certificate IssuerCloudflare, Inc.
Subjectweb-screen.com
FingerprintA2:90:6A:2E:A9:56:79:71:CC:53:5D:F0:D7:0A:ED:BB:54:19:F9:A9
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced
Hash 9cfe0b071e793d6f42787acd5b06a956
5002a55c7767381b9818e4ab034827ef02280756
63bf3861d27b0827bbd68ee471ad28729dcb7da2d9200d9cf446b3b9053a99d9
GET /storage/screenshots/2024/04/a0c80019-63c3-4698-b204-db314e8f73fd.png HTTP/1.1
Host: web-screen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/png
content-length: 66621
last-modified: Mon, 22 Apr 2024 15:23:41 GMT
etag: "662680fd-1043d"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHAtyZ3lCA3%2FLDep4TiVXRfR%2BUNAtd4nISAvVuZ6DEa1edRzddl495n38KOMEZ3%2FfmCOeJSXEy4GU89U2Hw7aUy%2F9yeyJBjl3VkP1uXlyTdPVvl3Yr5k4Yx1mkOkeWlAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc1a0c5b5693-OSL
alt-svc: h3=":443"; ma=86400
www.google.com/s2/favicons?domain=https://discord.gg/sPYNCpZZQ8
142.250.74.164301 Moved Permanently 342 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://discord.gg/sPYNCpZZQ8
IP 142.250.74.164:443
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash 2e0fd9443d5ef541d413ad397b156785
0407db8da4dd50033291ef68024c4721f5e1d723
ea18701fa900ecbeb8ab591313111a97f26289a24817458a625920c73726e6ae
GET /s2/favicons?domain=https://discord.gg/sPYNCpZZQ8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://discord.gg/sPYNCpZZQ8&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 16:44:21 GMT
expires: Thu, 25 Apr 2024 17:14:21 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
surl.li/img/gears-rouded-icon.svg
104.26.5.19200 OK 1.5 kB URL GET HTTP/2 surl.li/img/gears-rouded-icon.svg
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type SVG Scalable Vector Graphics image
Hash aecbc06e12760ff4f4334696cb12f70f
479d2ba236eeb0c524d10d2681beaf890b154604
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/gears-rouded-icon.svg HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: W/"66213285-e1f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJe6Mjrdekbx%2BddyHTxAzka841Z80t7nTmpEHa6Kpe6QrEq%2BcV8dXabltNfjfFRWkgmyirdQ7bD38o8QAlsPg0rowkptAnnB0ZgP48je9uQMCdMCe6V2ing%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc173984b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://discord.gg/sPYNCpZZQ8&size=16
142.250.74.68200 OK 272 B URL GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://discord.gg/sPYNCpZZQ8&size=16
IP 142.250.74.68:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash af4a6e77ef9e27d3503edd196a0d1abe
99630a73d3d2f80b993621cc2783088634d4df2d
43a6549949cfd02dec4221b8e59f3ab582729da2dffa91cca116777b88b3edd2
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://discord.gg/sPYNCpZZQ8&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://surl.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://assets-global.website-files.com/6257adef93867e50d84d30e2/62fddf0fde45a8baedcc7ee5_847541504914fd33810e70a0ea73177e%20(2)-1.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 272
date: Thu, 25 Apr 2024 16:44:21 GMT
expires: Thu, 02 May 2024 16:44:21 GMT
cache-control: public, max-age=604800
last-modified: Fri, 19 Aug 2022 02:09:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
surl.li/getMetaInfo
104.26.5.19200 OK 3.6 kB IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
Hash abb02e44c5c97a5314f4717d211ea6a1
4c1898e3421c67a1475b1888cbd8ec3f9e84e26c
3cd17a0f322d2e6d19db0da516cdbb624746cc1da6d9c137e88e04100bbf5341
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /getMetaInfo HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: nIPAasILgZ17O3wfiESqYxhiGJvEWZk8DKx2bJyP
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: https://surl.li
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:22 GMT
content-type: application/json
x-powered-by: PHP/8.2.15
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkNLODV4WDA1Z0pQVnRHMlVzYjJ1THc9PSIsInZhbHVlIjoiMDRvTE01SHdzZE5vY2J3dUR2MStiR1BaWTRxSVUzVDZXVW51ZEUxYTQyNi8vM3JmWE4rSTlMZUtWTVllbGRMSzIvMWFkTEVjVzFySXVuSUt1bFVZODBlbGFVZURsQ2JncjI0MzlpN29zV0w5Vm9tMWFPOTk3NnpuOGZMNVhjU0IiLCJtYWMiOiIwMTdlZmFjNmJiZTRlMWUxYThjMDIzNGQ4YjQxM2EyOWQwMGVhZWNlYjk3NjFjNDM4ZDczOTRiZDY2YzZkOWQzIiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:22 GMT; Max-Age=7200; path=/; secure; samesite=lax
surli_application_session=eyJpdiI6IjRiU3UzMTdqWGpvQVp0OFB2dFY1QVE9PSIsInZhbHVlIjoiczhZMjhtQmlQbDRhcjZqSi9hVmVrT21rNGFKSXZzYkFzU2FBcWpTTFRMbWE4SDkzSHJyM0QwYVR0elFTY3FtQlVmRlZyRFptcWFQK1UzVFJKYUpCNXp0M2VLdkFvOUZKTTl2RVNONlJVZktUNFd2MmpkVWNpQktBcTBqTUxJWDIiLCJtYWMiOiIxMGQ3YjYxN2FjNTFlN2E0ZTgyZjVlMTM2MzFmZmIyZDVkMjIxNmY2Y2IyNDlmYjlmZGY2MTVhYjg4ZWE2ZWQyIiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12%2F78HbpzMPXmHs4Zi0xrII%2FkLeJbtF5fropqYNhylveCFOe%2BGenagKZc9R8nMKiw9Pg5jScWdDOG7znAzE6vLzcln31AHdTYqKHSS91I0OL2z7feYx1H54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879fcc18cb19b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
104.26.5.19200 OK 13 kB URL User Request GET HTTP/2 IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sscpp HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:20 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.2.15
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:20 GMT; Max-Age=7200; path=/; secure; samesite=lax
surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGZYVqv%2F%2BhnVzCN6IicN96zOu2Qckyzt8ejm%2Flgqyi44GE3JFMx54pATv7XqEaPaAeSyMG9vOqHtPqlQ540NCY6iVbCg3RkAD4tPFnK61c7WpisR0apUQY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879fcc150f74b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/fonts/roboto/Roboto-Regular.ttf
104.26.5.19200 OK 130 kB URL GET HTTP/2 surl.li/fonts/roboto/Roboto-Regular.ttf
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt
Size 130 kB (129584 bytes)
Hash afe8eacfc0903cc0612dc696881f0480
ba879317acdc045b8fa78cb8f948650627d0477c
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /fonts/roboto/Roboto-Regular.ttf HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/octet-stream
content-length: 129584
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: "66213285-1fa30"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK7mjOnn%2BDxtrE7yg81vzv7QMpI%2Bgv0YwNM%2FaAH66gKcXg%2BFxYVgdH4efMNCTj5pJbvztaxgK8vr53tD8wpfHvajGmf4DklnEunv8g%2BK54e1%2Bsrs3NOXqCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc17ca01b50f-OSL
X-Firefox-Spdy: h2
surl.li/css/app.css
104.26.5.19200 OK 162 kB IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
Size 162 kB (162128 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/app.css HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:20 GMT
content-type: text/css
last-modified: Tue, 09 Apr 2024 12:14:36 GMT
etag: W/"6615312c-27950"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oc6p%2FzXbnawT6dMn%2Buo4vUqOTa6UWSBC%2Fs4w4Iif8ZEW%2FCx4PCs4%2FxB7u5wKLwndxuhhaw5bTVjHG2512Ojf%2BOqqNXS4EV%2BwGeUjieHSZCUnO1v%2BNM4Lhhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc17296bb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/js/app.js
104.26.5.19200 OK 191 kB IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
Size 191 kB (190893 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/app.js HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
etag: W/"65a7e2c5-2e9ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1fKHZIslyioUdntKbWp6SSzSH69uqk02SeVNpeHjMFpgWXGe8U%2Fsmuf94MFNeglVB1uN1xp%2BGYcyYcJlvR08D%2BHJOMw1eFuAT1NkN6VVSWV0oPFFYj5K9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc174989b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/js/preview.js
104.26.5.19200 OK 90 kB IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/preview.js HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
etag: W/"65a7e2c5-160f5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yWwQR37lAgLLikfXIJg08iMsI%2FtOUXnfsSBL6xANPUEkjvYygX6Qgisca6pVDLvZX2U%2Bp7yqQhP540InHBdIXcuv%2BIhpNc8AbVNmwFWCuXdJoBVEn8einqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc17498ab50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/img/favicon.ico
104.26.5.19200 OK 15 kB IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash ec9741289f19f212fd2ffb2dda1df05c
9b97a75a795b848f086f75db50903dd15954a573
13c9447a56e92641eff376880ff848e6e8e25719f721421f9b276a9b152753d4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/favicon.ico HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6Im05UWcxMzFzblF1ZTdyTVVMQTRWMFE9PSIsInZhbHVlIjoiaExUZ2JEUFdiSERyWjdWb3lQd3F6RHRkOUR4RVBsdUhqdTVwYkxjUURub1lFWmIzTXFrMDcxYmM3V0hMNkV2c3BVdmh4cXBuSncrc3E5N2Y5R0VvcEsrNDk0c1JnS0MvR2UyL2hPZGJLWUlkVk1taHZpbXRKRjhKcFZTeVlhL1UiLCJtYWMiOiI3N2M0ZDkzMGM0NjE4ODZjMzUyZjc4NjBlNzQ1NWI5Y2NhMWZlMmE0NDRhNDExYzY2NjJhOGZlYTMxODJhZjFhIiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6InBKY0R6TjYydmFMVzdDSUlCT29Fa2c9PSIsInZhbHVlIjoidDU0N2FUMTBMRTJhRGQ3bkMwVVNKcGRMZTFyUUkxbVBYbkozcDFpT3BPeE8vOEoxZXNTcFJHMUxRZER0SitBZjZYaE1DeEJSUVExUlZ4YzUzd1B1TWZ6OE54QStyZ1RwNllxNkU4RXBQYWJvS3FVQ1diQjhBOFhvRDFxMHFvVm4iLCJtYWMiOiJlM2Q5ZGI0ZWRkM2Y1OTVlNzNjMzRkNTNkY2Q2ZDI3ZGFlZDVkOTM1MWMxMDRhM2RiMjhiYTA4OWY2NWVmNDFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: image/x-icon
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: W/"66213285-3aee"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 1709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2B15gwQtRzkboUl2w%2BXNYT%2B7%2FDRhBBLWLk2S5zc923TFhzdesghywHor95FYkOM8wz4oQi%2F%2Fny7yZZbFJvI%2FJDqsKfTlun%2F5%2FvoGbMQX8vUxw2Hn5uC%2FLWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc1b4dc4b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/fonts/rubik/Rubik-Medium.ttf
104.26.5.19200 OK 116 kB URL GET HTTP/2 surl.li/fonts/rubik/Rubik-Medium.ttf
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409
Size 116 kB (116056 bytes)
Hash 4dd3023b03ba2b68d4b9da9176b7285a
d734c149587c12d9083c03bc90009c84b52aec78
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /fonts/rubik/Rubik-Medium.ttf HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/octet-stream
content-length: 116056
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: "66213285-1c558"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHBZIkHo2UXNUjOyDAoNy8zNq9HSSxUCP18LRHyX%2Bj24sTfpD6vxWquep5FXGHdz4NbQ3Yg%2BGb54ODb%2FZb2ODKQfa1RM0F%2FizxIHv21mOm25r7ta96fc3XI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc17ca1db50f-OSL
X-Firefox-Spdy: h2
surl.li/getPreview
104.26.5.19200 OK 100 B IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 90e6e761c6238277b63f27fafe7063c8
16aaff0f45bb51b0e591b863d8654591a91e1b40
fdad768cd2e5920a3e6cd233258bf74df54ea38ba3fcc4972c52c060db250777
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /getPreview HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: nIPAasILgZ17O3wfiESqYxhiGJvEWZk8DKx2bJyP
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: https://surl.li
DNT: 1
Connection: keep-alive
Referer: https://surl.li/sscpp
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/json
x-powered-by: PHP/8.2.15
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Im05UWcxMzFzblF1ZTdyTVVMQTRWMFE9PSIsInZhbHVlIjoiaExUZ2JEUFdiSERyWjdWb3lQd3F6RHRkOUR4RVBsdUhqdTVwYkxjUURub1lFWmIzTXFrMDcxYmM3V0hMNkV2c3BVdmh4cXBuSncrc3E5N2Y5R0VvcEsrNDk0c1JnS0MvR2UyL2hPZGJLWUlkVk1taHZpbXRKRjhKcFZTeVlhL1UiLCJtYWMiOiI3N2M0ZDkzMGM0NjE4ODZjMzUyZjc4NjBlNzQ1NWI5Y2NhMWZlMmE0NDRhNDExYzY2NjJhOGZlYTMxODJhZjFhIiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:21 GMT; Max-Age=7200; path=/; secure; samesite=lax
surli_application_session=eyJpdiI6InBKY0R6TjYydmFMVzdDSUlCT29Fa2c9PSIsInZhbHVlIjoidDU0N2FUMTBMRTJhRGQ3bkMwVVNKcGRMZTFyUUkxbVBYbkozcDFpT3BPeE8vOEoxZXNTcFJHMUxRZER0SitBZjZYaE1DeEJSUVExUlZ4YzUzd1B1TWZ6OE54QStyZ1RwNllxNkU4RXBQYWJvS3FVQ1diQjhBOFhvRDFxMHFvVm4iLCJtYWMiOiJlM2Q5ZGI0ZWRkM2Y1OTVlNzNjMzRkNTNkY2Q2ZDI3ZGFlZDVkOTM1MWMxMDRhM2RiMjhiYTA4OWY2NWVmNDFhIiwidGFnIjoiIn0%3D; expires=Thu, 25 Apr 2024 18:44:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3Yw9nLz%2B4Hhp5Z0a%2FpsOIxlwenkbUralpLD%2BWrDZ6MpYPFOmq1qrc5qOO2BoTqU1qh97k6WRxFY0S28hD4ca6yCoTQv7mcUNmz01ZqHLAqA8aECkl%2BkAWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879fcc18cb16b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
surl.li/fonts/NunitoSans-Regular.ttf?a427ddbe4dc20889d6e0ac752dce4bea
104.26.5.19200 OK 139 kB URL GET HTTP/2 surl.li/fonts/NunitoSans-Regular.ttf?a427ddbe4dc20889d6e0ac752dce4bea
IP 104.26.5.19:443
Certificate IssuerGoogle Trust Services LLC
Subjectsurl.li
Fingerprint4A:8A:47:88:45:49:9E:79:20:E2:25:13:21:0D:14:FD:40:9F:73:38
ValiditySat, 30 Mar 2024 17:55:26 GMT - Fri, 28 Jun 2024 17:55:25 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2016 The Nunito Sans Project Authors (https://github.com/Fonthausen/NunitoSans)Nunito
Size 139 kB (139168 bytes)
Hash 4dac705158fb1ca226d583b3829f82a0
771b9299e1d5d4239c032c7d4243a6f9343f89c4
7acb3e456d98d55be401bb07a32c9cb04e074de37bd58932b11bcf0fe9f59ab0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /fonts/NunitoSans-Regular.ttf?a427ddbe4dc20889d6e0ac752dce4bea HTTP/1.1
Host: surl.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://surl.li/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6ImFnS2J1RXRWNEN1R3YwTWNvUzEweXc9PSIsInZhbHVlIjoiYUt1ZFNqRFRXVzlvNXJqcisybmtFK2krL1R1UnhVOU5FdEkzalVpWjF0WjdaR2drOC9vdGhWY1dKQXdTMmQ2VWQrN2tiVVh1OWN5VVpkeVZ2My9yenphbmlaZkc2NTdGUVJwQjcvZjlkZVV3eC94RHd6T1dVMm5ZeXpONkI4MTUiLCJtYWMiOiJmOGEwNzNhYmZmMTMwNzc3OTYzYzNjMzVhZWI0ZGU2MjZiZTQxY2FiYjc5NmNkODkxZGVkYTE4NTExOWExMmI3IiwidGFnIjoiIn0%3D; surli_application_session=eyJpdiI6IllIK2ljRUhSQVlsSmlBQiszanBVeGc9PSIsInZhbHVlIjoiTG9JNXNCcVh1ZmlzQnNpelZrUytKWHVOUWlMcCtKdmlZQStMazVqNUtqQUpQVm5QNGMrT25MQTN0QThycUpXYlFjNGo1WlpzM0ZHTGRhTmZyVnJnQWdNclk0Z2oxcCt4NVM3WURZRHp0UUlaY2tDUVlsK0dxVHdaZlQ1MDJNQ0wiLCJtYWMiOiIyOWNjZDNkNWUzNDAxNTkxZjNiOGE0ODA1ZDc3MDAzM2QxOGI3MDZkY2M5YmJlMGMyY2Q1ODIwYmZkYmQ3Mzc2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:44:21 GMT
content-type: application/octet-stream
content-length: 139168
last-modified: Thu, 18 Apr 2024 14:47:33 GMT
etag: "66213285-21fa0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 5261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGqMzpsPMAnbjR6uLrVhV%2BB1j6kCgeNg%2F2AGYKJMIvBxq%2BWl6%2FZMiNmwTYWWa0mQZOnr9lxZJzLSApsgIq%2F%2B7dSDxvLAvUjaT0KuCVw4YAiviZUngKNlzJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879fcc17b9f9b50f-OSL
X-Firefox-Spdy: h2