Report - safe.sur.ly/i/rotatemyads.net/?sofiahalbof

Report Overview

Visited public
2025-02-08 18:54:20
Tags
URL
safe.sur.ly/i/rotatemyads.net/?sofiahalbof
Finishing URL
safe.sur.ly/i/rotatemyads.net/?sofiahalbof
IP / ASN
54.173.41.122
#14618 AMAZON-AES
Title
rotatemyads

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.sur.ly	167578	2008-08-11	2015-11-05	2025-01-29	5.2 kB	166 kB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-02-05	430 B	114 kB	142.250.74.168
sur.ly	76343	2008-08-11	2012-12-27	2025-02-07	4.0 kB	3.0 kB	54.173.41.122
rotatemyads.net	unknown	2016-05-24	2017-02-25	2025-01-13	1.4 kB	0 B	0.0.0.0
safe.sur.ly	unknown	2008-08-11	2023-09-26	2025-02-07	1.2 kB	17 kB	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	162 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen108 Hash c326c4ce84615d4f58e0f4497c9ed65a 1a6311d1e33b361c4c6c429e7b6435cef53805cc 0caffb05b3b5148a6a868341112fd9650a25c1fb742e8052c50c6b0a4cd938ba Loading...

	cdn.sur.ly/js/device.js	ScriptElement	2.6 kB	2023-03-07	2025-05-03
Pretty URL cdn.sur.ly/js/device.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen115 Hash 1bed29a99c55c9b9f50233c2642f0d57 bbeaeca88daec22dcd5b28f937e8b5903dca946f 99bfdf3fec5f85f15ff7eab703567df493fd816c9f5def19324ad81e3c3da40d Loading...

	cdn.sur.ly/js/panel.js	ScriptElement	2.2 kB	2023-03-07	2025-05-03
Pretty URL cdn.sur.ly/js/panel.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen108 Hash 7504f50af78b9394632e70a787b0a563 9b357f37f273fdbe528b0e11ebaeb46ede015a4b baba3988b5be911a40b685194ebb47eacfdd29ff65c6ca357974c57c5e10c8fa Loading...

	cdn.sur.ly/desktop/js/desktop.js	ScriptElement	5.5 kB	2023-03-07	2025-05-03
Pretty URL cdn.sur.ly/desktop/js/desktop.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen111 Hash 3a2abcf00b2f17e53a90d43c80c02341 f2efb0ac3609a64a53e6f35b841176766c0b50b9 687aa3f2e902b02283d9a08521b7d77314cd2c7a1c921006974c8e40382bae08 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	28 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen92 Hash 903965efff52a336bfc6febda6f7890a a612fc1f8b8232c26ef2f17988092a8c4aaed913 c56ed7d20a3ed4cb78de3033696199af3bee73f4544ae13fb1f62e02b6505d53 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	852 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen113 Hash e9d2f2bd44a49a22497f1df03cb6ae61 99f0b0864bbad3f31c34fb94fb228594466a4f5f f7a09aadfb692f6606d838e50168a81da2851777b80ff72f67efef1d5feb6031 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	73 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen126 Hash 58a33a21a2ae5d714757f4cdc4780b92 581fe6c916b0a39c0e01e6fcb0db993ea2aafef5 a21b8d67671c2ba5dd35338c5ea13c52157e6040a109c3e006ec867d3e8c2223 Loading...

	cdn.sur.ly/js/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-07
Pretty URL cdn.sur.ly/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12 Last Seen2025-05-07 22:59 Times Seen4044 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	155 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen108 Hash 3bd30ccdf797932d3efae33da0505df3 32414c1862259b8181d76b80258e6607439cec12 06b86bab18589e47e09191a311b19f8fdac5b632246830f9a8a1e378c151f56b Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	267 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen103 Hash 072d224cd4cca4a6e1df408b6495b38c e28348ccc67519421e9896a2c6b8ab9441de8fc5 76959b30059d6a9e51e95ff5fe13285a72e8eb3c2de96633ce6f53284a5aabdd Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	401 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen103 Hash c19f2a288939b38d94f4905014b04a93 313631ce7fc74aaf4bd235eca06304027a849e9c 8fd3a2ff00428ee21c2422259cf7fc9d0331d875706544651fc7d90d47942b06 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	162 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen107 Hash 224c56e784ab4c329d95fc452791bab4 d77606017d17523df2e49183db9010d6fd1bc36f f24791bf6f6857d8478bd709a82d338d1d100597191301c272255a9936317f7a Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	151 B	2023-05-01	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-01 09:51 Last Seen2025-05-03 00:38 Times Seen123 Hash f0bd5689b2be6a8cb81b93d3a7d1dd90 8e6484378b2f1581f9cfa9a96cdd237e08785df4 0d905809281c3fa8d894b4a439725cd6cb4cf9ee1f775201db02226685492138 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	162 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen107 Hash e401bfc4c77e699815d373cc91654c6b ed8447b654d3b8b6ef05410c88fe039c27a7dd48 ac093f4ab798146a923e1849eb41ef1f4c5375977a3b65e7ca455cb9d776f2c2 Loading...

	www.googletagservices.com/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-05-08
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-05-08 02:38 Times Seen39205 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	safe.sur.ly/i/rotatemyads.net/sandbox%20eval%20code		136 B	2023-04-11	2025-05-08
Pretty URL safe.sur.ly/i/rotatemyads.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-08 02:38 Times Seen41366 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	162 B	2023-03-07	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:59 Last Seen2025-05-03 00:38 Times Seen112 Hash aa33bafcf17dbcaa1c7b5232cef7a0e3 66a4a6b3646bb70dde1482df3f57fe064c1ada6d a4199e768003bebda36e5df24bfd4211c62f36ac0ad320e88da1157aa23bc627 Loading...

	www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ	ScriptElement	339 kB	2025-02-08	2025-02-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-08 18:54 Last Seen2025-02-08 18:54 Times Seen1 Hash fa9c84cf942180609dc5deb92fd55643 90b55055e53d357e22b21c0fe84afcdbea27babc 4b053fff716369399fbb1771986efc410c5e7d093d2e25ad2cf1da2c2d8fc82a Loading...

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	ScriptElement	162 B	2024-01-30	2025-05-03
Pretty URL safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-30 23:36 Last Seen2025-05-03 00:38 Times Seen99 Hash a6a00c2fd1ab09572b18b79e5f9ac053 b2a811a227b5ce210a5a1832c52d7af3f4d41937 75851f669b5c8f7061f88cf20be77d03c2232d9e2e3fb3ec3b4cc4030b16c76e Loading...

HTTP Transactions (26)

	URL	IP	Response	Size
	cdn.sur.ly/favicon_sur.ly_white_32px.png	188.114.96.1	200 OK	1.2 kB
URL GET HTTP/2 cdn.sur.ly/favicon_sur.ly_white_32px.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced Size 1.2 kB (1177 bytes) Hash 4b1c97502eb3ba360de346708a28894b d1d1896ec7c25c63815836161016644d6e6087b2 a564ec942cbcfa490ed50ea86db279f91784f5d0de8b9df0dcd7294287223252 HTTP Headers `GET /favicon_sur.ly_white_32px.png HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: image/png content-length: 1177 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-499" expires: Fri, 21 Feb 2025 09:10:45 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 1486031 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2Fxow3UDlIKIqkX5hBcD9IO3glOJIPOri1OICTOHs50Vh1imrpXc2i%2FczGFUvJFZMXNUsoJbCHoLL5%2Bl0FSFDM7Sb19Kci35XnJT1uzSZjWa1X57xakMpU2MQuUi"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd34eda3b56b7-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2195&min_rtt=444&rtt_var=1984&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3254&recv_bytes=1396&delivery_rate=7528596&cwnd=254&unsent_bytes=0&cid=f533e79ce431db52&ts=74&x=0" X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ	142.250.74.168	200 OK	113 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint18:BB:CC:69:33:72:62:2E:E5:B6:28:51:17:5B:BD:CE:CD:85:8D:B3 ValidityMon, 20 Jan 2025 08:36:04 GMT - Mon, 14 Apr 2025 08:36:03 GMT File type JavaScript source, ASCII text, with very long lines (5268) Size 113 kB (112970 bytes) Hash fa9c84cf942180609dc5deb92fd55643 90b55055e53d357e22b21c0fe84afcdbea27babc 4b053fff716369399fbb1771986efc410c5e7d093d2e25ad2cf1da2c2d8fc82a HTTP Headers `GET /gtag/js?id=G-L04HQHN9RZ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safe.sur.ly/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 08 Feb 2025 18:53:57 GMT expires: Sat, 08 Feb 2025 18:53:57 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0 report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],} server: Google Tag Manager content-length: 112970 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.sur.ly/font/surly.ttf	188.114.96.1	200 OK	2.4 kB
URL GET HTTP/3 cdn.sur.ly/font/surly.ttf IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string Size 2.4 kB (2440 bytes) Hash 210ba5a80f391a507dde440730f248ce 9cbc55238682a9b21378e9a163825d718fe4a4fc 893f9fbf43e5c59e7f3fde7dc3e3596bca16a8e1e02e0972d456fba3a67cb20a HTTP Headers `GET /font/surly.ttf HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://safe.sur.ly DNT: 1 Connection: keep-alive Referer: https://cdn.sur.ly/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Sat, 08 Feb 2025 18:53:57 GMT content-type: application/octet-stream content-length: 2440 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-988" expires: Wed, 26 Feb 2025 11:08:21 GMT cache-control: max-age=2592000 access-control-allow-origin: * cf-cache-status: HIT age: 706328 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrtiGVcF0bIJ79XGY4PXC9MxzAmLdGegnkM0jovXFRSPDjBWbcGtphwwNi5Q1biV%2Fi02CAFIsvuhzkdRG02U1H6p%2BSRfw0uNlrtwMJzg1eKCwN1sNYdHPlxcAj%2FL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd3513c2556c0-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=24158&min_rtt=4810&rtt_var=15624&sent=17&recv=14&lost=0&retrans=0&sent_bytes=4394&recv_bytes=1555&delivery_rate=133459&cwnd=12000&unsent_bytes=0&cid=530b1ad8ef5c46a1&ts=62&x=1", cfExtPri, cfHdrFlush;dur=0

	sur.ly/surly/images/platforms/jml.png	54.173.41.122	301 Moved Permanently	185 B
URL GET HTTP/2 sur.ly/surly/images/platforms/jml.png IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type HTML document, ASCII text, with CRLF line terminators Size 185 B (185 bytes) Hash 4c555068310076e85908835c721911f5 9ec990aabb4391e139034f68e5e657e0f1d0b74d 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510 HTTP Headers `GET /surly/images/platforms/jml.png HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: https://safe.sur.ly/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: text/html content-length: 185 location: https://cdn.sur.ly/surly/images/platforms/jml.png referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/surly/images/platforms/drpl.png	54.173.41.122	301 Moved Permanently	185 B
URL GET HTTP/2 sur.ly/surly/images/platforms/drpl.png IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type HTML document, ASCII text, with CRLF line terminators Size 185 B (185 bytes) Hash 4c555068310076e85908835c721911f5 9ec990aabb4391e139034f68e5e657e0f1d0b74d 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510 HTTP Headers `GET /surly/images/platforms/drpl.png HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: https://safe.sur.ly/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: text/html content-length: 185 location: https://cdn.sur.ly/surly/images/platforms/drpl.png referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/surly/images/platforms/php.png	54.173.41.122	301 Moved Permanently	185 B
URL GET HTTP/2 sur.ly/surly/images/platforms/php.png IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type HTML document, ASCII text, with CRLF line terminators Size 185 B (185 bytes) Hash 4c555068310076e85908835c721911f5 9ec990aabb4391e139034f68e5e657e0f1d0b74d 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510 HTTP Headers `GET /surly/images/platforms/php.png HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: https://safe.sur.ly/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: text/html content-length: 185 location: https://cdn.sur.ly/surly/images/platforms/php.png referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/surly/images/platforms/wp.png	54.173.41.122	301 Moved Permanently	185 B
URL GET HTTP/2 sur.ly/surly/images/platforms/wp.png IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type HTML document, ASCII text, with CRLF line terminators Size 185 B (185 bytes) Hash 4c555068310076e85908835c721911f5 9ec990aabb4391e139034f68e5e657e0f1d0b74d 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510 HTTP Headers `GET /surly/images/platforms/wp.png HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: https://safe.sur.ly/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: text/html content-length: 185 location: https://cdn.sur.ly/surly/images/platforms/wp.png referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	cdn.sur.ly/surly/images/platforms/jml.png	188.114.96.1	200 OK	11 kB
URL GET HTTP/3 cdn.sur.ly/surly/images/platforms/jml.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type PNG image data, 197 x 125, 8-bit/color RGBA, non-interlaced Size 11 kB (10602 bytes) Hash 19d27007325b542d03ed84114c05a3db 6ba9d5f6006fd0f2e46ed0198636ddd614adaa8c 9334526aab708c62fb488a186ca20acb8fb27e092c377e121ce59c33bf4917f3 HTTP Headers GET /surly/images/platforms/jml.png HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Cookie: _ga_L04HQHN9RZ=GS1.1.1739040837.1.0.1739040837.0.0.0; _ga=GA1.1.66266072.1739040837 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/png content-length: 10602 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-296a" expires: Thu, 20 Feb 2025 06:46:09 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 803835 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxY87VyjMtJRXkzPr%2FatvKSSE7ahfKMZRz6W4VXcIjWYBIhIJkXZgrbsv77afwSV4t4hl9hw3eVJKMVRF1GFAQo5ZoGhXm9Vgu6JrFyz%2B8ID%2Bn%2FWhjxy1ru2waTu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd351fad056ab-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3525&min_rtt=1599&rtt_var=1975&sent=15&recv=10&lost=0&retrans=0&sent_bytes=4230&recv_bytes=1973&delivery_rate=401411&cwnd=12000&unsent_bytes=0&cid=2669aa8c1ed979b4&ts=494&x=1", cfExtPri, cfHdrFlush;dur=0

	cdn.sur.ly/surly/images/platforms/drpl.png	188.114.96.1	200 OK	7.7 kB
URL GET HTTP/3 cdn.sur.ly/surly/images/platforms/drpl.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type PNG image data, 197 x 125, 8-bit/color RGBA, non-interlaced Size 7.7 kB (7732 bytes) Hash 6f36a046dca910c56d066c3528f5142b c3d99b6aae29f56fb6c855ef75b1f01a589934dd ff83f3c2977b3b195ded8087efa82f7dc808615eba9be46201bb3bf247442bfb HTTP Headers GET /surly/images/platforms/drpl.png HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Cookie: _ga_L04HQHN9RZ=GS1.1.1739040837.1.0.1739040837.0.0.0; _ga=GA1.1.66266072.1739040837 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/png content-length: 7732 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-1e34" expires: Mon, 24 Feb 2025 09:46:50 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 809234 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMhKWdk9y%2F8hINv29h8%2Ff0BwuwSc0UsR3MZqsm1BqsUyQsuOSWTeEXntIlyqpgo%2BYQo1JYkpIj19lEEr8UMvpns5YRAm2xqjqH7Eba9oA3wIM714C3KiV5NyYTE7"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd351fad156ab-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3525&min_rtt=1599&rtt_var=1975&sent=25&recv=10&lost=0&retrans=0&sent_bytes=15826&recv_bytes=1973&delivery_rate=401411&cwnd=12000&unsent_bytes=0&cid=2669aa8c1ed979b4&ts=494&x=1", cfExtPri, cfHdrFlush;dur=2

	cdn.sur.ly/surly/images/platforms/php.png	188.114.96.1	200 OK	8.9 kB
URL GET HTTP/3 cdn.sur.ly/surly/images/platforms/php.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type PNG image data, 197 x 125, 8-bit/color RGBA, non-interlaced Size 8.9 kB (8876 bytes) Hash 2c23080e5e2e39ec3fc99129296d0509 83c46996d56692638169f141d15ad2aa896d4a20 e9ef34893838925145587ebbe5b08934b1347536adcdadfbb1cf59086fdb1bd5 HTTP Headers GET /surly/images/platforms/php.png HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Cookie: _ga_L04HQHN9RZ=GS1.1.1739040837.1.0.1739040837.0.0.0; _ga=GA1.1.66266072.1739040837 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/png content-length: 8876 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-22ac" expires: Tue, 25 Feb 2025 06:05:42 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 891854 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JViLiHkiFD5xKWQAcC7pyEizyYXInPd0IM2P00HIRnzKW3ziXxxUFGCDbfaJ4sBtrQr3rVTUIfZOEfOdgUzbPwt4%2B4eJb8z8ufrlrDsKBnRS2PnpOLHGZlRkNm0a"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd351fad356ab-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3525&min_rtt=1599&rtt_var=1975&sent=25&recv=10&lost=0&retrans=0&sent_bytes=15826&recv_bytes=1973&delivery_rate=401411&cwnd=12000&unsent_bytes=0&cid=2669aa8c1ed979b4&ts=494&x=1", cfExtPri, cfHdrFlush;dur=2

	sur.ly/stat.php?id=5893&r=61367	54.173.41.122	200 OK	43 B
URL GET HTTP/2 sur.ly/stat.php?id=5893&r=61367 IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b HTTP Headers `GET /stat.php?id=5893&r=61367 HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/gif content-length: 43 x-powered-by: PHP/8.3.16 referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/stat.php?id=5055&r=82363	54.173.41.122	200 OK	43 B
URL GET HTTP/2 sur.ly/stat.php?id=5055&r=82363 IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b HTTP Headers `GET /stat.php?id=5055&r=82363 HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/gif content-length: 43 x-powered-by: PHP/8.3.16 referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	cdn.sur.ly/surly/images/platforms/wp.png	188.114.96.1	200 OK	11 kB
URL GET HTTP/3 cdn.sur.ly/surly/images/platforms/wp.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type PNG image data, 197 x 125, 8-bit/color RGBA, non-interlaced Size 11 kB (10554 bytes) Hash a9d4428a3455b3dcbd29eb5859c25de8 1aa18f4338fc3cc2c3064e53e7117345e2217c78 1e084569927237870fa12bbf1ff34affb621f3495ab50da96cb9fbfdd71a7034 HTTP Headers GET /surly/images/platforms/wp.png HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Cookie: _ga_L04HQHN9RZ=GS1.1.1739040837.1.0.1739040837.0.0.0; _ga=GA1.1.66266072.1739040837 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/png content-length: 10554 last-modified: Mon, 13 Jun 2022 04:23:22 GMT etag: "62a6bbba-293a" expires: Thu, 20 Feb 2025 11:41:49 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 959784 accept-ranges: bytes priority: u=4,i=?0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDNVxGrQc%2Fg4RUyXs0vAvGAvExI4MlBtqLBWl%2BaSJrKlIRcm0X9RczWfLNFsKTpVik5c9LqTf611duh%2FYUdIY7Y8GA5gc5CWf44oUoyHaZpj8irVXdknBxvoF3Tf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 90edd3520ae356ab-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3109&min_rtt=1228&rtt_var=1578&sent=43&recv=14&lost=0&retrans=0&sent_bytes=34290&recv_bytes=2452&delivery_rate=5240592&cwnd=24000&unsent_bytes=0&cid=2669aa8c1ed979b4&ts=505&x=1", cfExtPri, cfHdrFlush;dur=0

	sur.ly/stat.php?id=1888&r=970	54.173.41.122	200 OK	43 B
URL GET HTTP/2 sur.ly/stat.php?id=1888&r=970 IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b HTTP Headers `GET /stat.php?id=1888&r=970 HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/gif content-length: 43 x-powered-by: PHP/8.3.16 referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/stat.php?id=9726&r=33179	54.173.41.122	200 OK	43 B
URL GET HTTP/2 sur.ly/stat.php?id=9726&r=33179 IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b HTTP Headers `GET /stat.php?id=9726&r=33179 HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/gif content-length: 43 x-powered-by: PHP/8.3.16 referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	sur.ly/stat.php?id=5212&r=96061	54.173.41.122	200 OK	43 B
URL GET HTTP/2 sur.ly/stat.php?id=5212&r=96061 IP 54.173.41.122:443 ASN #14618 AMAZON-AES Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerLet's Encrypt Subjectsur.ly Fingerprint7A:CF:D7:39:47:07:F8:2B:0B:A1:C5:A9:63:D6:1A:DA:3C:51:95:CA ValidityWed, 25 Dec 2024 05:58:24 GMT - Tue, 25 Mar 2025 05:58:23 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b HTTP Headers `GET /stat.php?id=5212&r=96061 HTTP/1.1 Host: sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: image/gif content-length: 43 x-powered-by: PHP/8.3.16 referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	cdn.sur.ly/js/jquery.min.js	188.114.96.1	200 OK	93 kB
URL GET HTTP/2 cdn.sur.ly/js/jquery.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type Size 93 kB (93435 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /js/jquery.min.js HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: application/javascript last-modified: Mon, 13 Jun 2022 04:23:22 GMT vary: Accept-Encoding etag: W/"62a6bbba-16cfb" expires: Mon, 27 Jan 2025 10:57:25 GMT cache-control: max-age=2592000 content-encoding: gzip cf-cache-status: HIT age: 1541040 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqPInDNi1dvUCNWPVNJyYhm9dn%2F1J6dZhkf7vbUBs6HWOrCBw2UeX43O0gLqpc5LbnMEwwMh3aBWR86jCww%2FwovzVmlxDTEgympEtPdsqeP2V0aoXwFnlqEDhimn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 90edd34efa5256b7-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2046&min_rtt=444&rtt_var=1239&sent=21&recv=19&lost=0&retrans=0&sent_bytes=11749&recv_bytes=1633&delivery_rate=7528596&cwnd=257&unsent_bytes=0&cid=f533e79ce431db52&ts=95&x=0" X-Firefox-Spdy: h2

	cdn.sur.ly/css/panel.css	188.114.96.1	200 OK	9.6 kB
URL GET HTTP/2 cdn.sur.ly/css/panel.css IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type ASCII text, with very long lines (9579), with no line terminators Size 9.6 kB (9563 bytes) Hash 55c9fff22371b9fff7a0a079f27e831d 86344aee830667f0c8f837084e956028d7b32c75 197648daa9a50e5b7101c9815671942c862f66b1724a7b40b68fde96907303f9 HTTP Headers `GET /css/panel.css HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: text/css cache-control: max-age=2592000 cf-bgj: minify cf-polished: origSize=16422 etag: W/"62a6bbba-4026" expires: Sun, 26 Jan 2025 06:04:46 GMT last-modified: Mon, 13 Jun 2022 04:23:22 GMT vary: Accept-Encoding cf-cache-status: HIT age: 1685732 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIgcH8LfcaXmO%2FaW8UBbouwby8LVZqGtfkh%2FqcqvU4%2FlxnNZEJ7rDNOhz%2FhE3NOAA2dLs1tbPQ3Qvq5BarGI%2FGOxKARj1uXuF6iMY6iS2vUmWMM%2FshbhicAssSMK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 90edd34eda3f56b7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2244&min_rtt=444&rtt_var=1585&sent=14&recv=14&lost=0&retrans=0&sent_bytes=6540&recv_bytes=1396&delivery_rate=7528596&cwnd=257&unsent_bytes=0&cid=f533e79ce431db52&ts=79&x=0" X-Firefox-Spdy: h2

	cdn.sur.ly/desktop/js/desktop.js	188.114.96.1	200 OK	5.5 kB
URL GET HTTP/2 cdn.sur.ly/desktop/js/desktop.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type JavaScript source, ASCII text, with very long lines (5694), with no line terminators Size 5.5 kB (5523 bytes) Hash 12833e7e8559950e1e4ca8a6fd9d889a 0bf2242d693ebabc576c7df2b034c0adc5ca62d6 1f8fa797ae9a67d412ebd6537470aaf8a2808cbc7a9b451b044cae19e7223f81 HTTP Headers `GET /desktop/js/desktop.js HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: application/javascript cache-control: max-age=2592000 cf-bgj: minify cf-polished: origSize=9803 etag: W/"62a6bbba-264b" expires: Thu, 27 Feb 2025 05:52:25 GMT last-modified: Mon, 13 Jun 2022 04:23:22 GMT vary: Accept-Encoding cf-cache-status: HIT age: 724907 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bTOJYKtRxZ3GwrCpYHlcnnrdlXsnGRgf0NsWISeBam3lBZL7rS16VjgyqzzylHRuQfKMvo%2BA%2FSb0JYjitBRKtWUnart2chpFq%2BgLkaK8ZsB%2BeoO8J4PgSdi7bsk"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 90edd34efa4a56b7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2146&min_rtt=444&rtt_var=1385&sent=18&recv=18&lost=0&retrans=0&sent_bytes=9628&recv_bytes=1633&delivery_rate=7528596&cwnd=257&unsent_bytes=0&cid=f533e79ce431db52&ts=91&x=0" X-Firefox-Spdy: h2

	rotatemyads.net/css/images/favicon.ico	0.0.0.0		0 B
URL GET rotatemyads.net/css/images/favicon.ico IP 0.0.0.0:0 ASN #0 Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /css/images/favicon.ico HTTP/1.1 Host: rotatemyads.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safe.sur.ly/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	rotatemyads.net/?sofiahalbof=	0.0.0.0		0 B
URL GET rotatemyads.net/?sofiahalbof= IP 0.0.0.0:0 ASN #0 Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?sofiahalbof= HTTP/1.1 Host: rotatemyads.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safe.sur.ly/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache

	rotatemyads.net/css/images/favicon.ico	0.0.0.0		0 B
URL GET rotatemyads.net/css/images/favicon.ico IP 0.0.0.0:0 ASN #0 Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /css/images/favicon.ico HTTP/1.1 Host: rotatemyads.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safe.sur.ly/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	cdn.sur.ly/js/device.js	188.114.96.1	200 OK	2.6 kB
URL GET HTTP/2 cdn.sur.ly/js/device.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type JavaScript source, ASCII text, with very long lines (2684), with no line terminators Size 2.6 kB (2602 bytes) Hash 646e1f70a4162a0dcc8ab26182127c3e 7b5a4c7f16ea8bbe021e97492a1524d9ac3a0b0b 7be9f82101a8c1289ea0814f456029600e3926e7cc0b3e1029b6a6289ce009cd HTTP Headers `GET /js/device.js HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: application/javascript cache-control: max-age=2592000 cf-bgj: minify cf-polished: origSize=2605 etag: W/"62a6bbba-a2d" expires: Mon, 10 Mar 2025 08:59:39 GMT last-modified: Mon, 13 Jun 2022 04:23:22 GMT vary: Accept-Encoding cf-cache-status: HIT age: 26584 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbLNiVGJWssfvSg9WOQigz5LjL%2BWiqQSfMRPh1F9HEqr5z94Nz0s8Yd6wJaOyaKmbfr6M%2B2RX42Fg2DnrWNwjeimUPEflgcg%2FGE1UzWIMSItGSrCvetKBZbcdNSA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 90edd34efa5156b7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1783&min_rtt=432&rtt_var=1066&sent=49&recv=21&lost=0&retrans=0&sent_bytes=46530&recv_bytes=1633&delivery_rate=29594160&cwnd=257&unsent_bytes=0&cid=f533e79ce431db52&ts=97&x=0" X-Firefox-Spdy: h2

	safe.sur.ly/external?url=rotatemyads.net%2F%253Fsofiahalbof%253D&forceHttps=0&panel_lang=en	0.0.0.0	302 Found	0 B
URL GET safe.sur.ly/external?url=rotatemyads.net%2F%253Fsofiahalbof%253D&forceHttps=0&panel_lang=en IP 0.0.0.0:0 ASN #0 Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /external?url=rotatemyads.net%2F%253Fsofiahalbof%253D&forceHttps=0&panel_lang=en HTTP/1.1 Host: safe.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof DNT: 1 Connection: keep-alive Cookie: visitor_id=3a4473efc7989f27891b2c15f6b4ac18aeda9bdd; surl_panel=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:57 GMT content-type: text/html; charset=utf-8 location: https://rotatemyads.net/?sofiahalbof= referrer-policy: origin-when-cross-origin X-Firefox-Spdy: h2`

	safe.sur.ly/i/rotatemyads.net/?sofiahalbof	54.173.41.122	200 OK	16 kB
URL User Request GET HTTP/2 safe.sur.ly/i/rotatemyads.net/?sofiahalbof IP 54.173.41.122:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectsafe.sur.ly Fingerprint4D:74:5A:BA:CC:00:FB:97:33:C1:73:06:D0:2D:75:2E:76:64:F8:27 ValidityTue, 21 Jan 2025 17:57:33 GMT - Mon, 21 Apr 2025 17:57:32 GMT File type HTML document, ASCII text Size 16 kB (16428 bytes) Hash 2ad25d033d475f4fc11da022853edde1 e8c16710fdd64b7eedde992aba387106d7a75ff5 84f4cc9bcafdbfb1bd423972a59c5aacb166a38bc8028754d643dab64186b3ce HTTP Headers `GET /i/rotatemyads.net/?sofiahalbof HTTP/1.1 Host: safe.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.14.2 date: Sat, 08 Feb 2025 18:53:56 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding, User-Agent x-robots-tag: noindex set-cookie: visitor_id=3a4473efc7989f27891b2c15f6b4ac18aeda9bdd; path=/ surl_panel=1; expires=Tue, 18-Mar-2081 18:53:56 GMT; Max-Age=1770508800; path=/ panel_mobile_stub_show=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ referrer-policy: origin-when-cross-origin content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.sur.ly/js/panel.js	188.114.96.1	200 OK	2.2 kB
URL GET HTTP/2 cdn.sur.ly/js/panel.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://safe.sur.ly/i/rotatemyads.net/?sofiahalbof Certificate IssuerGoogle Trust Services Subjectsur.ly Fingerprint17:2E:23:F4:D1:D3:72:DA:15:57:5C:15:19:57:02:1C:54:E7:BF:EA ValidityWed, 29 Jan 2025 22:49:29 GMT - Tue, 29 Apr 2025 23:47:50 GMT File type JavaScript source, ASCII text, with very long lines (2211), with no line terminators Size 2.2 kB (2186 bytes) Hash a5f8e938585b1be7dfb8518cdc5123a6 fafe28bade6631ee952c9e898c25ba59e9bc66d8 d3927e04a9a00814375d5589c1a1b99a8c093af49abdec6ab7cd975bc652ab37 HTTP Headers `GET /js/panel.js HTTP/1.1 Host: cdn.sur.ly User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://safe.sur.ly/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sat, 08 Feb 2025 18:53:56 GMT content-type: application/javascript cache-control: max-age=2592000 cf-bgj: minify cf-polished: origSize=3675 etag: W/"62a6bbba-e5b" expires: Thu, 27 Feb 2025 19:12:10 GMT last-modified: Mon, 13 Jun 2022 04:23:22 GMT vary: Accept-Encoding cf-cache-status: HIT age: 725473 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jExvm0cXzX8d7GIhGSG6zrM1qcaltf9RoZgrw2Aq42%2FA6VXr9e9ny6KfGrR9zt6XSa5GXGRjVYJLWfV0AC1SM9%2BGomZ2RHPieVYkdXV8%2BcFRtFKsuoWD40IUHthM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 90edd34eda3956b7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2244&min_rtt=444&rtt_var=1585&sent=11&recv=14&lost=0&retrans=0&sent_bytes=5165&recv_bytes=1396&delivery_rate=7528596&cwnd=257&unsent_bytes=0&cid=f533e79ce431db52&ts=78&x=0" X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML