Submitted URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/#google_vignette
Effective URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Submission: On January 13 via manual from BR — Scanned from US

Summary

This website contacted 11 IPs in 1 countries across 7 domains to perform 57 HTTP transactions. The main IP is 54.173.41.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sur.ly. The Cisco Umbrella rank of the primary domain is 200843.
TLS certificate: Issued by R11 on December 25th 2024. Valid for: 3 months.
This is the only time sur.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
30 sur.ly
sur.ly — Cisco Umbrella Rank: 200843
img.sur.ly — Cisco Umbrella Rank: 485260
cdn.sur.ly — Cisco Umbrella Rank: 253748
api.sur.ly — Cisco Umbrella Rank: 474163
518 KB
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
72 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
256 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
109 KB
57 7
Domain Requested by
17 cdn.sur.ly sur.ly
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 api.sur.ly sur.ly
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com sur.ly
pagead2.googlesyndication.com
3 sur.ly sur.ly
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 img.sur.ly 1 redirects sur.ly
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com sur.ly
57 12

This site contains links to these domains. Also see Links.

Domain
safe.sur.ly
Subject Issuer Validity Valid
sur.ly
R11
2024-12-25 -
2025-03-25
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.google-analytics.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
*.google.com
WR2
2024-12-09 -
2025-03-03
3 months crt.sh
adtrafficquality.google
WR2
2024-12-09 -
2025-03-03
3 months crt.sh

This page contains 8 frames:

Primary Page: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Frame ID: FB1C66D8C163F490B4A5BBB234F26B16
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/zrt_lookup_fy2021.html
Frame ID: 8D11F2FE119E026F57FC43388F6916C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&h=90&slotname=6717816972&adk=2014116802&adf=4272225274&pi=t.ma~as.6717816972&w=970&abgtt=9&lmt=1736811265&rafmt=12&format=970x90&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265198&bpp=1&bdt=103&idt=137&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=678195193384&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=155
Frame ID: E988083AB6595A4C86AF2AA831113B7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&h=600&slotname=6312823995&adk=339616942&adf=3076450515&pi=t.ma~as.6312823995&w=300&abgtt=9&lmt=1736811265&format=300x600&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265200&bpp=1&bdt=105&idt=279&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=970x90&correlator=678195193384&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=289
Frame ID: F8B699F1919F92F60B1FBA86085A42AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1736811265&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.2&aiapmi=0.33938&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265200&bpp=3&bdt=106&idt=301&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=970x90%2C300x600&nras=1&correlator=678195193384&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fsapi=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=306
Frame ID: 509D1A37C10D786A2BC5817320454DF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/zrt_lookup_fy2021.html
Frame ID: 9D8F8A29942ABFDBF5A3DC4BA8063269
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 6F8FFC738B7680A7A0CD0C434D73AD87
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9376410EE5D916F05BE93415CB1F4628
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

sofiahalbofanimeworld.blogspot.com.atlaq.com - sofiahalbof anime world - Sofiahalbof Anime World Blogspot Com Atlaq

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

57
Requests

96 %
HTTPS

90 %
IPv6

7
Domains

12
Subdomains

11
IPs

1
Countries

974 kB
Transfer

2807 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://img.sur.ly/thumbnails/620x343/s/sofiahalbofanimeworld.blogspot.com.atlaq.com.png HTTP 307
  • https://cdn.sur.ly/domain/images/design/no-image.png

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
72 KB
15 KB
Document
General
Full URL
https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
2d8f43936d8ca1d305bda2bdefe0a0268cad14656a6e57b85d445bceea3638bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 13 Jan 2025 23:34:25 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
vary
Accept-Encoding
no-image.png
cdn.sur.ly/domain/images/design/
Redirect Chain
  • https://img.sur.ly/thumbnails/620x343/s/sofiahalbofanimeworld.blogspot.com.atlaq.com.png
  • https://cdn.sur.ly/domain/images/design/no-image.png
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain/images/design/no-image.png
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d332757182b0c7d8f2dd3995f7f4408919be6347365c9286fe6373a1f3ea8c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-18ee"
age
525775
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXMcVuuEI%2By0GAiknQNDCegXllWOoZJuKBR5kxs8hoTgENDtqczkYVoLzvF8u%2FcbzuQHbGU6Grvey%2Fj%2FOdeQPm9tFENnDseTL7sY57KdIE7LvatWpuD7zaW4Vz7I2TVWX1z1OZaGx7I%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Jan 2025 08:46:40 GMT
cf-polished
origFmt=png, origSize=6382
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7938&min_rtt=7372&rtt_var=344&sent=314&recv=95&lost=0&retrans=0&sent_bytes=343140&recv_bytes=13209&delivery_rate=92562&cwnd=165600&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=191&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/webp
content-disposition
inline; filename="no-image.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
9019326898f17c94-EWR
accept-ranges
bytes
content-length
1676
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
location
https://cdn.sur.ly/domain/images/design/no-image.png
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oXRQknbndLqcwtDP65y815%2BthrICXeTQaTEacaRkp2Wy94AjkISKSpDFWL6o5VbTbmgVAF4cSV4GdWF7CN98ozRgrXBSrxt8%2BliRzXpzx158O0sC%2FpU70Gm%2FGcJqWmqZkbOmG9ZHzA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90193268081f7c94-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7993&min_rtt=7372&rtt_var=313&sent=311&recv=92&lost=0&retrans=0&sent_bytes=342154&recv_bytes=12664&delivery_rate=37750&cwnd=165600&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=140&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
759e30acbc78774603067a4f321753dca7869b5ea9adc2817b735ddc72217c55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
br
etag
17609329495850890043
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 23:34:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53799
x-xss-protection
0
server
cafe
sofiahalbofanimeworld.blogspot.com.atlaq.com.ico
img.sur.ly/favicons/s/
412 B
1 KB
Image
General
Full URL
https://img.sur.ly/favicons/s/sofiahalbofanimeworld.blogspot.com.atlaq.com.ico
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2a0392e3651a72d0a08eb84cab94bcda49b7dfaa2bb2c611ad740486787279

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

cf-cache-status
HIT
etag
"face9ad5ebc8bcdb40fb9dbc1954e603"
x-amz-version-id
t_eY0z.MYeDKa.G6nij8EEdlR9uZADiS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3j5fHDDTUOhx31hGEdwRyWvkAUtxt873jM9vFjomzaTChvNO6GTqrCWiEAcKtNY0FpAus4C5Z41n3kAbI5c8PEm4JuQ%2F9i3Zo7pbTyzYEWI4l%2B29IW3n8GUJIBS0syB%2FlJ%2BMeORRPM%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 27 Jan 2025 22:59:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8005&min_rtt=7372&rtt_var=384&sent=309&recv=91&lost=0&retrans=0&sent_bytes=340786&recv_bytes=12619&delivery_rate=20665867&cwnd=165600&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=115&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/octet-stream
last-modified
Fri, 13 Dec 2024 14:38:03 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
DCvz0i+J/mOVYwC08m0SEj8QLxfI7rrGbhK3L9qU2oscmuGKcXPisk4RFg/tZ/UiCb/UIbg/N/M=
cache-control
max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RCP3450G9ZZKRNWH
cf-ray
90193268081d7c94-EWR
accept-ranges
bytes
content-length
412
server
cloudflare
x-amz-server-side-encryption
AES256
async-scripts.js
cdn.sur.ly/domain-redesign/dist/js/
1 MB
304 KB
Script
General
Full URL
https://cdn.sur.ly/domain-redesign/dist/js/async-scripts.js
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb2b70e11b1ed6b4514e166404220493d254ab16981d9ccedda545ad0531221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-12cce4"
age
1260957
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFcoMXj6Sq2FdFgyf9D89EQwFXHeOw8%2F%2FX2HjCc2NdbQ3dG%2BuqiS08Yxm3O1ldbdVYPSIoTlVAKVbyU3VjkZV8tbixktHvKBjJbidt%2FT6q375Uja8o4q16g46iCoFpQHtTZyNlcXBxo%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 25 Jan 2025 07:35:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7753&min_rtt=7572&rtt_var=1842&sent=15&recv=16&lost=0&retrans=0&sent_bytes=7251&recv_bytes=7138&delivery_rate=77185&cwnd=12000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=29&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/javascript
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f6e7c94-EWR
server
cloudflare
js
www.googletagmanager.com/gtag/
324 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29aff61b5eb83f9f13a1561477ee6dfe9d28b6dc339d932316aa2b0074846268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 13 Jan 2025 23:34:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110769
x-xss-protection
0
server
Google Tag Manager
create
api.sur.ly/api/hits2/ Frame
0
0
Preflight
General
Full URL
https://api.sur.ly/api/hits2/create?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sur.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sur.ly
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
901932677de5189d-EWR
content-length
0
content-type
text/plain charset=UTF-8; charset=utf-8
date
Mon, 13 Jan 2025 23:34:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=3,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwOY8P097OER3V%2FGOLxchMGO1mCs5jJptqVExwA4yX3mKU2XWRkKk6%2BtxdAONuUv7cCzJqfYY4IVe1AvM8XF5ohLHMUes9NNgVRHa%2BG5ewyQpuPKVZmiim8%2Fgr21GMiWsqJ2epeav50%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7588&min_rtt=7199&rtt_var=715&sent=42&recv=18&lost=0&retrans=0&sent_bytes=37943&recv_bytes=5603&delivery_rate=649471&cwnd=22800&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=50&x=1" cfExtPri cfHdrFlush;dur=4
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=3760,3662,3381,5893,7683,5982,3564&r=81091
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/

Response headers

content-length
43
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
create
api.sur.ly/api/hits2/
32 B
715 B
Fetch
General
Full URL
https://api.sur.ly/api/hits2/create?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57717466cdeb139822b43edab7a92f7ae2904b7ee53886f574de134fa868023b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sur.ly/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHdPukJU5lhIyi3lGYyiDQ8ZOscThIAxNoUyWUVxxtXbfTL0cn4nC0qNlBPg39hrF5PfV4%2BVzqZuUyq%2BpYIgYj3hNT13pZXK9ypD5Ihtqgrn2ley4nt0E2DjKL4eiqMQgADrcEenJSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
90193267de53189d-EWR
access-control-allow-origin
https://sur.ly
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8250&min_rtt=7171&rtt_var=526&sent=171&recv=69&lost=0&retrans=0&sent_bytes=186596&recv_bytes=9233&delivery_rate=6771249&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
status-excellent.svg
cdn.sur.ly/domain-redesign/assets/img/svg/
874 B
1 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/status-excellent.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8e5e4883253f6092854b614cdf658e7fa2de83d96368dc07d56c13cdbca78c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-36a"
age
832860
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HT6QjxOOjlLCvxEGsQZAHfISUgXxjGU1t%2Fyj2YZI4zSd2Mgvn3RdVMGyn%2B8Q6VaroXs%2FFk3n304mYMR7hAXZLWPkwRTWf%2FuTXKY5LmexI%2B2aLxI1l6BsIjXSxZN4TY1pAoMaawAkuEI%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Jan 2025 10:34:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7624&min_rtt=7572&rtt_var=2876&sent=10&recv=14&lost=0&retrans=0&sent_bytes=4243&recv_bytes=7048&delivery_rate=289747&cwnd=12000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f707c94-EWR
access-control-allow-origin
*
server
cloudflare
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afb22e345370f60cd21a98ddca2fb639b8f5ce25a73f400100e6ce29945cef58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
522 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a44ce80a8e7d52076f35848ad7eac0d438a6984cb253ed87034e7e8f09d1d81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
tooltip.svg
cdn.sur.ly/domain-redesign/assets/img/svg/
767 B
1 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/tooltip.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04e04fdb931b09d5d86a166c1d61fa025cf84f2cf0848b0372ba06fc1c3627d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-2ff"
age
1336756
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDlAis8gchrUvEgyb0eCgZHqOJ%2Fifyovg%2BTvI3AOyBfo4NTvWD8ruDqgj3%2F1srT9wOep7kgdH2nIuSaoIrR0tSc%2FnuJlzV1NW749omg%2ByIbVfg%2BOIe6Yd1gDiMaLUtSXpTcE%2FHABM%2Bg%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Jan 2025 07:51:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7753&min_rtt=7572&rtt_var=1842&sent=23&recv=16&lost=0&retrans=0&sent_bytes=16243&recv_bytes=7138&delivery_rate=77185&cwnd=12000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=29&x=1", cfExtPri, cfHdrFlush;dur=6
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f717c94-EWR
access-control-allow-origin
*
server
cloudflare
mal-first.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/mal-first.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4610121f526b23bbb4f396472a2b941b031e8896224bc886fe373db7663cebac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-868"
age
1442437
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYsLkoyTVtzZ0z0ZybAljS9oaTnBoOtEzxYKikGdkJYI541VEAp5ClM7O0qLDFE7RWOozTkmL9Rd%2BaIrgE6vldDYZ3mVaEHYg0ei2kAUssRSPKHyhTpkn0g0Latl2e4vm%2BmFjZbdJBI%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 02 Jan 2025 11:26:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7753&min_rtt=7572&rtt_var=1842&sent=13&recv=16&lost=0&retrans=0&sent_bytes=5541&recv_bytes=7138&delivery_rate=77185&cwnd=12000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f737c94-EWR
access-control-allow-origin
*
server
cloudflare
mal-second.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/mal-second.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5298022f15cbea6d9027e3de92f6ec334c8d6db422b8e345799380f559b0d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-973"
age
1355696
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGKyHbf7Fao7gRo%2BYlTwYRuxFGy%2FhaexVO2ieVl%2F8CDSd%2BVaNwmIGc2fzfc3OyaZ3T2fOiWkCAvbWH%2By52MY2As2vTZY8tkikvTMg1Cd21PG4KiWeiwxPsq4TcvgNruKtijJ7bHlwUw%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 21 Jan 2025 05:56:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8338&min_rtt=7482&rtt_var=1089&sent=50&recv=28&lost=0&retrans=0&sent_bytes=41931&recv_bytes=9090&delivery_rate=1552883&cwnd=25200&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=43&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f747c94-EWR
access-control-allow-origin
*
server
cloudflare
mal-third.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
1 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/mal-third.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bc1853b5192bfa5b9a9272ab7b23e00d33e01cb0534332df600af222851d20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-656"
age
1597854
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeVQ3wUtyJ68cJKnl8ZfGMUEDVQGMDXtcYbu5tFf0HV8Aw4VJOrxbmCdh3hhsPpweEOBuTuQfm8%2BGjRZkG2ctlGAijAG0JM3vy4F0%2BuMFNqwY1b1DMtvV42y%2Fa42sj2QZcUhc9kXKRo%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Jan 2025 11:09:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7748&min_rtt=7571&rtt_var=1107&sent=30&recv=18&lost=0&retrans=0&sent_bytes=21141&recv_bytes=7224&delivery_rate=309052&cwnd=14400&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=36&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f797c94-EWR
access-control-allow-origin
*
server
cloudflare
mal-fourth.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/mal-fourth.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bde8d9d61d7f6e35ded664c14ce35ee1b78e7b8c84c355d80a4f5d6ba960587

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-8ff"
age
1337195
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km%2F09XdQS08EYdoAmz0kyJE1Nsj4e5VSisSNNON18PSeV5tfwPTDplMVzsynmJm6Q9qNcm6Jz7Z75Oaw39TMST83WBuCTbuZDA8F%2Bshkv6WK2gmEUBCeVchquaAwVaRWazx%2FpIFBugY%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 27 Jan 2025 00:12:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7753&min_rtt=7572&rtt_var=1842&sent=23&recv=16&lost=0&retrans=0&sent_bytes=16243&recv_bytes=7138&delivery_rate=77185&cwnd=12000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=33&x=1", cfExtPri, cfHdrFlush;dur=2
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f6c7c94-EWR
access-control-allow-origin
*
server
cloudflare
status-not-avaliable.svg
cdn.sur.ly/domain-redesign/assets/img/svg/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/status-not-avaliable.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c794c0768ca9c39219affc5f1ea02d2fc9e8b3edd0e9fecfe57bad5d75199b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-8b0"
age
1680982
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbJrZlND9N%2BUNGbs%2FIWVMVfCc17aa8ZRhxdCQ1Xz0T4XgVEfPjqECO1NiyzN32v6XDqgpE0rq4%2FsqiW9oXK%2B%2FrGPs0crkIu6UExJsPUVykLobToWd93HjjrsqFoLICG89%2F345urxfs4%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Jan 2025 11:41:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8572&min_rtt=7571&rtt_var=1224&sent=48&recv=26&lost=0&retrans=0&sent_bytes=40243&recv_bytes=9004&delivery_rate=1484641&cwnd=24000&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=42&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932679f7a7c94-EWR
access-control-allow-origin
*
server
cloudflare
adult-first.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/adult-first.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2595f99856bcab7779d35d4205d329965eab68fe9d7f4018365541a3c0cb44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-7e2"
age
226703
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNeNxZ8deFJVosYBvw%2FTdMrp6B5pY9CZ7P7%2FPzhsBqo6MG3xDkbuKXXr9MnldUls23VR2oPw1kPEELPAEdRkuOfaiSzNlVO941Agf3sdNQWJWSY8MX2LitpGWyAlxaBsrkPO8b7qC6I%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 06 Feb 2025 08:11:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9305&min_rtt=7451&rtt_var=1415&sent=90&recv=38&lost=0&retrans=0&sent_bytes=86451&recv_bytes=9520&delivery_rate=1682873&cwnd=46800&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=49&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
90193267bfb37c94-EWR
access-control-allow-origin
*
server
cloudflare
adult-second.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/adult-second.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5cbf15d528ab032b709fae196584ebc6472be01d310595d072d91832baef99f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-96e"
age
1767897
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DCQKtmlxUsbRt5h9ulw%2FMtkk8GUgcC%2FBUsfiG5zD5ydDG9kQXyQz3SFOY6rtXEFyL9F2BxcjscSeESrpCBqcRJ4%2FrWXHA7S6W4LLr%2FZM4xrapGj6wzCmyYgb0pMlyJjVsy%2BdU6FAcAY%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 30 Dec 2024 04:38:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9364&min_rtt=7451&rtt_var=607&sent=100&recv=42&lost=0&retrans=0&sent_bytes=98451&recv_bytes=9692&delivery_rate=3347722&cwnd=52800&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=51&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
90193267bfb77c94-EWR
access-control-allow-origin
*
server
cloudflare
adult-third.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
3 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/adult-third.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481fad2b1e22d63b5cf83ab609aa8b3734b3ef821b0336b3623cba14c00112b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-b7b"
age
1774930
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUfpgAHrHazirsc%2B0tDS0Qx%2BOTVo4anuxLATw%2F2ztcBlB4IQJoT0sEVAVSCI%2BKvgf8i03eIq%2FUwXE7dJ9plYb%2FPvF%2BPURH%2BZ%2Fw%2Fb6v8m2VV%2FESuDGSX%2BmKjg9AvMawOAXoQZIjuQpDw%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 01 Jan 2025 03:02:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8542&min_rtt=7451&rtt_var=855&sent=187&recv=65&lost=0&retrans=0&sent_bytes=200413&recv_bytes=10710&delivery_rate=5492213&cwnd=100800&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
90193267bfb87c94-EWR
access-control-allow-origin
*
server
cloudflare
adult-fourth.svg
cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/
2 KB
2 KB
Image
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/img/svg/malicious/inactive/adult-fourth.svg
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3178d347f70283e2d0fdc4e9a37c3ba6ff1d8274b1f617429f3dfaa7c3ca0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62cebb5b-985"
age
1422947
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vViGJndCXAa9k%2FtSGlI6LpCDyOG3HuzV%2FwUCCOGxBmOO5yORQx0cCzM2P%2FqN%2FkYAym%2Ba%2BwKv54wOwT8B9Xe2HjCdKEFIjuIDS2paGDtkko0EqDz6nVM0xdhjQxFHOW%2FnkBIheQbRams%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 04 Jan 2025 12:20:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8976&min_rtt=7451&rtt_var=1010&sent=101&recv=44&lost=0&retrans=0&sent_bytes=99613&recv_bytes=9778&delivery_rate=3072973&cwnd=57600&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=52&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
90193267bfb97c94-EWR
access-control-allow-origin
*
server
cloudflare
Inter.latin.woff2
cdn.sur.ly/domain-redesign/assets/fonts/
57 KB
58 KB
Font
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/fonts/Inter.latin.woff2
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ace5d2bafabbd79a9809990f1b2e8ebe0220aabd99db937399e2c2a95231c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sur.ly
Referer
https://sur.ly/

Response headers

cf-cache-status
HIT
etag
"62cebb5b-e43c"
age
1516021
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnaEcJbwo%2B3xSM%2FF%2BKipzAfJvvB1CLZdjTd4TXe8pGAesy1jKL%2BXKruZJTU42Kkfvyd676kptWwkQfLmBsNvgn6xhGTlYvM%2B97E33uzRx6MwMnRyA3JZ91qGE97Kjotg4U926Bsx4k4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 25 Jan 2025 07:33:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7297&min_rtt=7199&rtt_var=1562&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4371&recv_bytes=5388&delivery_rate=86464&cwnd=12000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=38&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/octet-stream
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932677de9189d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
58428
server
cloudflare
Inter-500.latin.woff2
cdn.sur.ly/domain-redesign/assets/fonts/
57 KB
58 KB
Font
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/fonts/Inter-500.latin.woff2
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ace5d2bafabbd79a9809990f1b2e8ebe0220aabd99db937399e2c2a95231c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sur.ly
Referer
https://sur.ly/

Response headers

cf-cache-status
HIT
etag
"62cebb5b-e43c"
age
1430344
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgmPONU5lrPIsSZkuP%2FRhPOTlwOARBTTfBqzDuDsaSdBHGjoM3uqOEpAHVBF0NnnGTM8vPPnK8CbxX600pAXBJeQG8ngoZd63XkPwHDEEtyi9niaPqe1bkyDX59hfsaXnV6Wr9dgMpI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 25 Jan 2025 05:52:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7297&min_rtt=7199&rtt_var=1562&sent=24&recv=13&lost=0&retrans=0&sent_bytes=16343&recv_bytes=5388&delivery_rate=86464&cwnd=12000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=41&x=1", cfExtPri, cfHdrFlush;dur=5
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/octet-stream
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932677dec189d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
58428
server
cloudflare
Inter-600.latin.woff2
cdn.sur.ly/domain-redesign/assets/fonts/
57 KB
58 KB
Font
General
Full URL
https://cdn.sur.ly/domain-redesign/assets/fonts/Inter-600.latin.woff2
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ace5d2bafabbd79a9809990f1b2e8ebe0220aabd99db937399e2c2a95231c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sur.ly
Referer
https://sur.ly/

Response headers

cf-cache-status
HIT
etag
"62cebb5b-e43c"
age
1522344
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23FsIroR4j1C%2BhUBtuuedlcAtSLPZbmneLgeKh7hfuwc9rAVaNYoDMvUQSYYkEK6IN5qBXCFC8EIAVQkDcHMzVfrw3BxvL1rSmOd0hz5YuEB45tPc9EoqGOUb9HtmiitSfvw0bth%2BEo%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 30 Dec 2024 21:51:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7297&min_rtt=7199&rtt_var=1562&sent=24&recv=13&lost=0&retrans=0&sent_bytes=16343&recv_bytes=5388&delivery_rate=86464&cwnd=12000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=45&x=1", cfExtPri, cfHdrFlush;dur=1
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/octet-stream
last-modified
Wed, 13 Jul 2022 12:32:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932677dee189d-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
58428
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/
433 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52fdb5e94ae1b021342c42734503ff7e543d3f1c4d37806f3455465e103e0be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
br
etag
16674577540766110636
age
3816
x-content-type-options
nosniff
expires
Mon, 27 Jan 2025 22:30:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 13 Jan 2025 22:30:49 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
148034
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L04HQHN9RZ&gtm=45je51d0h2v9103726923za200&_p=1736811265123&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=467026928.1736811265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736811265&sct=1&seg=0&dl=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F&dt=sofiahalbofanimeworld.blogspot.com.atlaq.com%20-%20sofiahalbof%20anime%20world%20-%20Sofiahalbof%20Anime%20World%20Blogspot%20Com%20Atlaq&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=411
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sur.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
text/plain
server
Golfe2
appendUserdata
api.sur.ly/api/hits2/ Frame
0
0
Preflight
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sur.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sur.ly
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
901932685ec9189d-EWR
content-length
0
content-type
text/plain charset=UTF-8; charset=utf-8
date
Mon, 13 Jan 2025 23:34:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=3,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ck2SkAiWb%2F5ybgX86Te2q2D7%2BYy95AULVg8mHLgsrLOkqIw5%2Ba8TZSKnHHd%2F9DroYFB3ZDUXULNsvxCpIzWrhTdyUA8OfPSewZid2SGSL%2B7J%2BaqRqRharEG0p7IDskGUlMVeh7aDdGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8381&min_rtt=7171&rtt_var=656&sent=173&recv=72&lost=0&retrans=0&sent_bytes=187358&recv_bytes=10086&delivery_rate=15974&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=173&x=1" cfExtPri cfHdrFlush;dur=0
appendUserdata
api.sur.ly/api/hits2/
16 B
703 B
Fetch
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sur.ly/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6oPMAh0VEMyP2ms3lCkWJZbeepJxRWowk3XPJU9hYTgxV1OvrS1WG8BZM4Bj2rqsb5qTrAvRCF%2BWDgCLQWQbk%2FkW%2B24DFUnwQ5xXzT6LHZEszC0yEFdJp3KZggHkncxELQfG4een00%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
901932687ee8189d-EWR
access-control-allow-origin
https://sur.ly
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8325&min_rtt=7171&rtt_var=711&sent=178&recv=76&lost=0&retrans=0&sent_bytes=188873&recv_bytes=11159&delivery_rate=44733&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=216&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
appendUserdata
api.sur.ly/api/hits2/
16 B
701 B
Fetch
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sur.ly/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TiqDuuqnu90mp16LY5ogLZlvYD9jzB7VGPfWFBvc27OSVedmDSUA3eGjUEL2RT6UouCgInGvqb%2FnzGXQZXiKnS844GoOhd%2Bt%2FwH2lRlI5JgcQJjyUMRmOoVB5QGKqTeU9RuRZMSl6o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
901932689f01189d-EWR
access-control-allow-origin
https://sur.ly
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8419&min_rtt=7171&rtt_var=720&sent=179&recv=77&lost=0&retrans=0&sent_bytes=189599&recv_bytes=11204&delivery_rate=28028&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=227&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
appendUserdata
api.sur.ly/api/hits2/ Frame
0
0
Preflight
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sur.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sur.ly
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
901932685ecb189d-EWR
content-length
0
content-type
text/plain charset=UTF-8; charset=utf-8
date
Mon, 13 Jan 2025 23:34:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=3,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wprpg7wJowAe5e3PVq2yma8FRi99rJ8UcBuHiud0FKLS7GyGqSip8PmVVEPaI0yKrji8mZU3OOUqbmQk8C0RWCGOGJP6eg6CtO8w5j3kQO1KQM1P%2B2h%2FSMO00mCdIyOX3bVQn3V%2FBU4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8251&min_rtt=7171&rtt_var=751&sent=176&recv=74&lost=0&retrans=0&sent_bytes=188131&recv_bytes=10660&delivery_rate=31327&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=188&x=1" cfExtPri cfHdrFlush;dur=0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/ Frame 8D11
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
37017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4144
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 13:17:28 GMT
etag
7793694970870604198
expires
Mon, 27 Jan 2025 13:17:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E988
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&h=90&slotname=6717816972&adk=2014116802&adf=4272225274&pi=t.ma~as.6717816972&w=970&abgtt=9&lmt=1736811265&rafmt=12&format=970x90&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265198&bpp=1&bdt=103&idt=137&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=678195193384&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=155
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 23:34:25 GMT
expires
Mon, 13 Jan 2025 23:34:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8B6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&h=600&slotname=6312823995&adk=339616942&adf=3076450515&pi=t.ma~as.6312823995&w=300&abgtt=9&lmt=1736811265&format=300x600&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265200&bpp=1&bdt=105&idt=279&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=970x90&correlator=678195193384&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
53474
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 23:34:26 GMT
expires
Mon, 13 Jan 2025 23:34:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 509D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950914822071007&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1736811265&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com%2F%23google_vignette&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.2&aiapmi=0.33938&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1736811265200&bpp=3&bdt=106&idt=301&shv=r20250109&mjsv=m202501030301&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=970x90%2C300x600&nras=1&correlator=678195193384&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95350245%2C31089638&oid=2&pvsid=2118316233298154&tmod=1293167019&uas=0&nvt=1&fsapi=1&fc=896&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
58134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 23:34:26 GMT
expires
Mon, 13 Jan 2025 23:34:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/
177 KB
59 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/reactive_library_fy2021.js?bust=31089638
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7971b3c5158ec54a3c2fbd6454ded2ef01c8921dc0467b0a1b138ac4bfe8a0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
br
etag
13646921704917397377
age
45308
x-content-type-options
nosniff
expires
Mon, 27 Jan 2025 10:59:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 13 Jan 2025 10:59:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60488
x-xss-protection
0
server
cafe
ca-pub-5950914822071007
fundingchoicesmessages.google.com/i/
193 KB
63 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5950914822071007?href=https%3A%2F%2Fsur.ly%2Fi%2Fsofiahalbofanimeworld.blogspot.com.atlaq.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56d3ee23bb73c47fe6090221c065070a2e90b826242da28e58e6f3b98931ec79
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CjJw0K_oeNta53UuX-IIhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0JBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOB2GjteVYXIE76d561BIgNFS6xOgOxY9ElVk8gVu25xGoOxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wtQMzw9QorBxAL8XA0HZu2h01gxr3JUxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTA0MDY30DEzjCwwA0MhKPQ"
content-security-policy
script-src 'report-sample' 'nonce-CjJw0K_oeNta53UuX-IIhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mab0bKX-7aGtcRDHoGYCKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8of4y6w8gZvh6hZUDiIV4OJqOTdvDJnBh8qPTjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDQ0EjPwCy-wAAA9aQq1Q"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mab0bKX-7aGtcRDHoGYCKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVUgyes3fYnjv7fsR4qTJMt015G3sCJWClBwE0-AO1DElbdDA0JlDck6Gk_m7ohTbfPKwGcBK-M7HbKcWsRUs9oB4eK5OhHgLxCkdPyTJxAwEJjuR-18f4N1AoZzuHK0wMhx0u6Hw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVUgyes3fYnjv7fsR4qTJMt015G3sCJWClBwE0-AO1DElbdDA0JlDck6Gk_m7ohTbfPKwGcBK-M7HbKcWsRUs9oB4eK5OhHgLxCkdPyTJxAwEJjuR-18f4N1AoZzuHK0wMhx0u6Hw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM2ODExMjY2LDQwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdXIubHkvaS9zb2ZpYWhhbGJvZmFuaW1ld29ybGQuYmxvZ3Nwb3QuY29tLmF0bGFxLmNvbS8iLG51bGwsW1s4LCJRZ0EtVWs0VlZVSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aad13faba60792743b62f0a44c7b00a147a395db0afc717ffcff367f78265281
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tjCAHGVwTFAXKjvmBoZ1DA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcDQdm7aHTeDD7ynnGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDQwNjfQMTOMLDACjtkXg"
content-security-policy
script-src 'report-sample' 'nonce-tjCAHGVwTFAXKjvmBoZ1DA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/ Frame 9D8F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20250109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
37017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4144
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 13:17:28 GMT
etag
7793694970870604198
expires
Mon, 27 Jan 2025 13:17:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXpzWwaKVo0yM4SIwY82kNa_B8ANWn6qhknwC5KOgfL_Upf0xPSnIAxEG3o4gHIcqxhukWq9WMfq4ahPj-q9SalQJ-ukqbrx98NeTYE_bKpo41eXx4U4piUbEqcoMQOfvPzimUkAw==
fundingchoicesmessages.google.com/f/
10 KB
4 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXpzWwaKVo0yM4SIwY82kNa_B8ANWn6qhknwC5KOgfL_Upf0xPSnIAxEG3o4gHIcqxhukWq9WMfq4ahPj-q9SalQJ-ukqbrx98NeTYE_bKpo41eXx4U4piUbEqcoMQOfvPzimUkAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM2ODExMjY2LDQ1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc3VyLmx5L2kvc29maWFoYWxib2ZhbmltZXdvcmxkLmJsb2dzcG90LmNvbS5hdGxhcS5jb20vIixudWxsLFtbOCwiUWdBLVVrNFZWVUkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0eff6a5a49582d48f9c86dcca3f0d038b7e9410b7e2f9b58fd7a98bee2d5fd16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vx4mUM13hySR62AHGcUK0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHENuxXmN1A2IhHo6mY9P2sAmc-NT6klFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDI1MDQ0EjPwDS-wAAAr8tH_A"
content-security-policy
script-src 'report-sample' 'nonce-vx4mUM13hySR62AHGcUK0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
appendUserdata
api.sur.ly/api/hits2/ Frame
0
0
Preflight
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sur.ly
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sur.ly
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
901932704f0f189d-EWR
content-length
0
content-type
text/plain charset=UTF-8; charset=utf-8
date
Mon, 13 Jan 2025 23:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=3,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUAbgY88HmpN1ft3XPnwGwKvlRhloReJxLgRutUW6H3IJkLu63Vs4QatewAehr0%2Ftz5YGEgusHgenQn%2BInYUiz9ZmPUQlkEo2uDVM41ChY1iHE7RXfL7appwj02bDMVT9ht1flyGA9w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8538&min_rtt=7171&rtt_var=779&sent=181&recv=79&lost=0&retrans=0&sent_bytes=190348&recv_bytes=11653&delivery_rate=77215&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=1454&x=1" cfExtPri cfHdrFlush;dur=0
adsenhit
sur.ly/notify/
16 B
16 B
Image
General
Full URL
https://sur.ly/notify/adsenhit?domain=sofiahalbofanimeworld.blogspot.com.atlaq.com&is_ads_hidden=0&viewport_height=1200&ads_top_coord=532&device=1&r=21489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/

Response headers

access-control-allow-origin
http://sur.ly
content-encoding
gzip
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
nginx/1.14.2
appendUserdata
api.sur.ly/api/hits2/
16 B
703 B
Fetch
General
Full URL
https://api.sur.ly/api/hits2/appendUserdata?clientId=desktop-68198594bcde893492bacb76e614f12800034c31&pageviewId=desktop-302e3034373539323030203137333638313132363520313633383438303338
Requested by
Host: sur.ly
URL: https://sur.ly/i/sofiahalbofanimeworld.blogspot.com.atlaq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sur.ly/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABhaxO39M7VvEb8lTQq%2FRsqsD8St8GZuauA3Z2AIVGEOuN%2BMcrohJLdFm9XEJo3iqwfOfrzZ8AM71DciKJYzjudmc8ccm%2Btp1BdUZ1qJLDs9JnVFPOVtTM7kLww0B1V%2Fnb%2BWLDghVu0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
901932707f44189d-EWR
access-control-allow-origin
https://sur.ly
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8382&min_rtt=7171&rtt_var=896&sent=184&recv=81&lost=0&retrans=0&sent_bytes=191112&recv_bytes=12241&delivery_rate=27595&cwnd=84000&unsent_bytes=0&cid=c1fcf98cf1b6fa11&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
709119e3718222a6b68246c24a7d1c4ca8539def08d179c28da7532509fbdb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13155
date
Mon, 13 Jan 2025 23:34:26 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon-32x32.png
cdn.sur.ly/
660 B
1 KB
Other
General
Full URL
https://cdn.sur.ly/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e1c897dcf175c8d98561fb24cb06aa2d6860fba7a24eb90d4c60cfe5a9e5b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-499"
age
1607437
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odc1BVFUbt7ELKJRINk3gmIj1GdoLVVOzvb9XdsIJN8hOELj8pu7dbq%2Fid9Jmmst30uPnfQyQMSTLW80C3v7bUPPw0Llh%2BoLevV1%2F5YgTniKN27Q1BfsBdaIv64952cmThniGmpEUec%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 18 Jan 2025 17:40:57 GMT
cf-polished
origFmt=png, origSize=1177
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7908&min_rtt=7372&rtt_var=317&sent=318&recv=97&lost=0&retrans=0&sent_bytes=345692&recv_bytes=13901&delivery_rate=117628&cwnd=165600&unsent_bytes=0&cid=fe4c25d0c94e3747&ts=1425&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-32x32.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
901932705cea7c94-EWR
accept-ranges
bytes
content-length
660
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202501030301/show_ads_impl_fy2021.js?bust=31089638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 23:34:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:26 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6F8F
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 23:12:44 GMT
expires
Tue, 14 Jan 2025 00:02:44 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9376
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xk5JZZUecPd5kK2rCXxaiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Xk5JZZUecPd5kK2rCXxaiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Jan 2025 23:34:26 GMT
expires
Mon, 13 Jan 2025 23:34:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ad-
fundingchoicesmessages.google.com/f/AGSKWxXMehnmZuLI7VeaEQOHxzunJX4bl68nhE8MAl8xDzVw1uObM0IAhYHvg5Bn_FWuOV762sZahKybSl8g2YBIypczGvVv2yWqfsTKG9eQbsFDfzpELaDJTJbe4VxlkU48pI76-1W34RDoV9L_ItY0fKPd-DEsz...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXMehnmZuLI7VeaEQOHxzunJX4bl68nhE8MAl8xDzVw1uObM0IAhYHvg5Bn_FWuOV762sZahKybSl8g2YBIypczGvVv2yWqfsTKG9eQbsFDfzpELaDJTJbe4VxlkU48pI76-1W34RDoV9L_ItY0fKPd-DEsz7Pixjx0j3Cx0KOzz3eppyhCCl3GiiE7/_/adv_left_/processads./wwe_ads./supernorthroomad.-ads/ad-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ce0c223a07bd2d21b2ee5ec34b42015116e533f4686b23cae259d12cef198d0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9yThSkyoEMvPgd2tg9WVPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAtxczQfm7aHTeDBqeeOShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRqYGhoZGegam8QUGAE9CRVc"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9yThSkyoEMvPgd2tg9WVPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
osd.js
pagead2.googlesyndication.com/pagead/
61 B
76 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
br
etag
16023549773543154165
age
1021
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 00:17:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 13 Jan 2025 23:17:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
51
x-xss-protection
0
server
cafe
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PXnWEkbUMuszeDWrIBiihw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCO5ZPtFNyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGpgaGhkZ6BmbxBQYAp4op-Q"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PXnWEkbUMuszeDWrIBiihw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2HK69d1bvYvEIld6piLMAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCG7Y9dFdyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGpgaGhkZ6BmbxBQYAvwgqUQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2HK69d1bvYvEIld6piLMAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jMs0MptA_Ogtt2xUDP8TYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCHf8eBiu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNDQyM9A7P4AgMA0dUqjA"
content-security-policy
script-src 'report-sample' 'nonce-jMs0MptA_Ogtt2xUDP8TYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9k01xMGr1B5Mi7fzsAHgeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCE2b3hyi5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNDQyM9A7P4AgMAn2Up3A"
content-security-policy
script-src 'report-sample' 'nonce-9k01xMGr1B5Mi7fzsAHgeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVcsB730BWPvbKEqp_36CK7GPQRTqtTHs3WtF448a9_J-IqyKUYQJxw3DPGF4q3U3NZLeY7N0miXEGa2MukvID8z_uhLfFZ5VwZAHyLGLFiakNTqdj54RmSqrpq4p7GSwcb2Smq_g==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcsB730BWPvbKEqp_36CK7GPQRTqtTHs3WtF448a9_J-IqyKUYQJxw3DPGF4q3U3NZLeY7N0miXEGa2MukvID8z_uhLfFZ5VwZAHyLGLFiakNTqdj54RmSqrpq4p7GSwcb2Smq_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM2ODExMjY3LDE1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdXIubHkvaS9zb2ZpYWhhbGJvZmFuaW1ld29ybGQuYmxvZ3Nwb3QuY29tLmF0bGFxLmNvbS8iLG51bGwsW1s4LCJRZ0EtVWs0VlZVSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97d08649be4446c2eb2910c708c064532b63f54613c24a83a900b4564de9de31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c-47fBu4fYKzrHiCMgrrLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sur.ly/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAtxczQfm7aHTWDDywXhShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRqYGhoZGegam8QUGAEV8RRg"
content-security-policy
script-src 'report-sample' 'nonce-c-47fBu4fYKzrHiCMgrrLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxW7v90-hIy6M08r8gpJWbQaNzG-PgJuhwRkA4afxxgtDJNYajh6szvSwEVKda04Vkmw6u7Aebwl27pK-9hIpEZLJ1ebNm7Hqr9IdcUiUib8fvqFofSGapSbCdDRtQWIn11DUjzqOA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW7v90-hIy6M08r8gpJWbQaNzG-PgJuhwRkA4afxxgtDJNYajh6szvSwEVKda04Vkmw6u7Aebwl27pK-9hIpEZLJ1ebNm7Hqr9IdcUiUib8fvqFofSGapSbCdDRtQWIn11DUjzqOA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SvMh-2c2Lzc5EZAbvlCO9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCE1pWZyq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNDQyM9A7P4AgMAqLQp-w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SvMh-2c2Lzc5EZAbvlCO9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVowMMIDC4pM15zHPL_1OJ0nZ2Wcvpr_hPMnyE5kAE1TtouPr2VhwgNMLOMkoBbUZQcKZvCtQmTEBTqqloFBtc_0WPPEL0lG3doqDFYD2CSlhAfx7LH8vp2VRBF29o-v5vvfNwjtg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.QgA-Uk4VVUI.es5.O/d=1/rs=AJlcJMwGWY_r-R1eWxQD47s3GvxJwNeQkg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r3a2qDnJ-FZNmPhgmt8YEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sur.ly/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 13 Jan 2025 23:34:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJuj-di0PWwCE-bPz1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGpgaGhkZ6BmbxBQYAqWcqAg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r3a2qDnJ-FZNmPhgmt8YEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://sur.ly
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250109&jk=2118316233298154&bg=!BwSlBEvNAAYsEuUeDBI7ADQBe5WfOJdmo1Pz3K-FM9yo7in0SLma2N-JQcZqDyqmz30S_1h6T7gmv7GTZ7Uu4--T3lrGAgAAAEJSAAAAA2gBB34ANtBup17Jqt-sg6i8j9mjDuGpQ6MDMP6Jjck0VZZmxVAf5PAETp7ZjcHEtD5COwdBomi6_t0d35kCn1XOg2lHLG9OTfo7W7p6mNhtR5NLw_5x1YQq60xGAtk7rQS8zq3qjHYQQnAzv_dUTtC49RM5pagRAZ0Jaker7eOjZq2iv_egfs2UVJKZABGXHn_2y1hNwJVZEPfxuqA0W0C-X9mPPxZN4gxwksJ_g6HTRa4lfuWSXi0oBTcIoLke7s_JN5XPzwfanL6gH3MJLdJ6Dd3sqSDR_E1e8_einTJEaq8YDVCf4QtNfvY4CuQP8o3K8IalLFmsYNchlm4C9v-GG8QUlKd47NjE96tnVPb1EmsQZeBZoXm_oYQHr6-nkuuf3LUq7DC5uz77IxHGhiMCkc8G_t4IlrUC-HxcYJg6qOumebFmD0MVnoEdmFFmV4veXkvehoTx67P_EpfJ-s_R58P4WLSQ7bYl9haQuOf31sAh_GMTVKhZWR7g5LtQfGfvYNeTJZdwvJaCVB93frGm2qUYnOwa_wujycYfnozOkT3Xbtp9XS7v41jO2J5-tu3Pw0eRwgTQPkv58BQqh8fBkOGMjfb73y1bES34aJlXYNt6wv6g7G2cFEhPvC9H3hm_ueUJ0Gfld6shNyhzINR27kDlZ0o1z22feoY-aPyWejkyj81NBETpQNP6nRPNPRP4T6kyL8fh_Cq3GyJ6lzNwce2YguLbjWbHp6RULsOaIaI1jVeLCJEn-Qn3Y9Ehu1_N4r5eEx6yKcu4b8fEK0c0X_cl_jAHf6XR2vqsdDdgZzYVZ9EnHLWL-6WrP6PZxIY8l35EluvGeBrcXj_4WBAZS92cNg5ZKYNZWrvWwlB72VNeBH36cvGh6r1ooJPbf_GoNOcvyH-9qO7qPcsTqSM5Nnb_zrjq49Iv2ahKzNkOIgro9SiAh1IGlHiZAFWDx0Y20lEUlTzQtTPOFOLQ

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| adsbygoogle number| adsEnabled number| isShowAds string| domain number| device function| visible function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ProgressBar function| am4internal_webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| am4core object| am4charts function| am4themes_animated object| googletag object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTgyNzMwZDU1NDBiYTRlZWxvYWRlcl9qcw== string| ZTgyNzMwZDU1NDBiYTRlZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| 2a334a37-d94b-4d1c-956b-f1b13849ded9 object| google_image_requests

11 Cookies

Domain/Path Name / Value
.sur.ly/ Name: cid
Value: desktop-68198594bcde893492bacb76e614f12800034c31
.sur.ly/ Name: _ga_L04HQHN9RZ
Value: GS1.1.1736811265.1.0.1736811265.0.0.0
.sur.ly/ Name: _ga
Value: GA1.1.467026928.1736811265
.sur.ly/ Name: __gads
Value: ID=be8e202f545f0ef6:T=1736811265:RT=1736811265:S=ALNI_MbLft1FZfqibTVc0SabukGOjHvgtg
.sur.ly/ Name: __gpi
Value: UID=00000f1678410ce2:T=1736811265:RT=1736811265:S=ALNI_MYQXlGs7c7v_VMD6OFlB4ylQHT-sw
.sur.ly/ Name: __eoi
Value: ID=ed2073f19ffa8db7:T=1736811265:RT=1736811265:S=AA-AfjbMzOFCmnrmuYmfDhpZequ6
.doubleclick.net/ Name: IDE
Value: AHWqTUndZdjtPhwsPFgiGr8go6lUPC4wBfqE5IJ6cvu0FUhytHeIdACVGN4zIx2eK6o
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.sur.ly/ Name: FCNEC
Value: %5B%5B%22AKsRol9aShuCl1V5Nj2IGQZacWM3V7YLzhDsU7AaK9_dIYyqadjQtrde_Xp7-YIP9OR6473MAc4jt9XqPSLRmFvtltK_FtX6ICgJg0b78GMXlU0_1bN_dh2fYIPN4Y4D30vmPByf4RYSBYnsHEN0esSlafUdgMqkYg%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sur.ly
cdn.sur.ly
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
img.sur.ly
pagead2.googlesyndication.com
sur.ly
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
2606:4700:20::681a:bb9
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::9b
2607:f8b0:4004:c1f::8a
2607:f8b0:4004:c1f::93
2607:f8b0:4004:c21::84
54.173.41.122
0c794c0768ca9c39219affc5f1ea02d2fc9e8b3edd0e9fecfe57bad5d75199b5
0d332757182b0c7d8f2dd3995f7f4408919be6347365c9286fe6373a1f3ea8c3
0eff6a5a49582d48f9c86dcca3f0d038b7e9410b7e2f9b58fd7a98bee2d5fd16
1b8e5e4883253f6092854b614cdf658e7fa2de83d96368dc07d56c13cdbca78c
1e2a0392e3651a72d0a08eb84cab94bcda49b7dfaa2bb2c611ad740486787279
29aff61b5eb83f9f13a1561477ee6dfe9d28b6dc339d932316aa2b0074846268
2d8f43936d8ca1d305bda2bdefe0a0268cad14656a6e57b85d445bceea3638bb
3cb2b70e11b1ed6b4514e166404220493d254ab16981d9ccedda545ad0531221
3f5298022f15cbea6d9027e3de92f6ec334c8d6db422b8e345799380f559b0d0
4610121f526b23bbb4f396472a2b941b031e8896224bc886fe373db7663cebac
481fad2b1e22d63b5cf83ab609aa8b3734b3ef821b0336b3623cba14c00112b7
52fdb5e94ae1b021342c42734503ff7e543d3f1c4d37806f3455465e103e0be7
56d3ee23bb73c47fe6090221c065070a2e90b826242da28e58e6f3b98931ec79
57717466cdeb139822b43edab7a92f7ae2904b7ee53886f574de134fa868023b
5b3178d347f70283e2d0fdc4e9a37c3ba6ff1d8274b1f617429f3dfaa7c3ca0e
6ace5d2bafabbd79a9809990f1b2e8ebe0220aabd99db937399e2c2a95231c05
709119e3718222a6b68246c24a7d1c4ca8539def08d179c28da7532509fbdb8b
759e30acbc78774603067a4f321753dca7869b5ea9adc2817b735ddc72217c55
7a44ce80a8e7d52076f35848ad7eac0d438a6984cb253ed87034e7e8f09d1d81
8bde8d9d61d7f6e35ded664c14ce35ee1b78e7b8c84c355d80a4f5d6ba960587
8c2595f99856bcab7779d35d4205d329965eab68fe9d7f4018365541a3c0cb44
8ce0c223a07bd2d21b2ee5ec34b42015116e533f4686b23cae259d12cef198d0
93e1c897dcf175c8d98561fb24cb06aa2d6860fba7a24eb90d4c60cfe5a9e5b5
97d08649be4446c2eb2910c708c064532b63f54613c24a83a900b4564de9de31
aad13faba60792743b62f0a44c7b00a147a395db0afc717ffcff367f78265281
afb22e345370f60cd21a98ddca2fb639b8f5ce25a73f400100e6ce29945cef58
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5cbf15d528ab032b709fae196584ebc6472be01d310595d072d91832baef99f
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d7971b3c5158ec54a3c2fbd6454ded2ef01c8921dc0467b0a1b138ac4bfe8a0b
e04e04fdb931b09d5d86a166c1d61fa025cf84f2cf0848b0372ba06fc1c3627d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9bc1853b5192bfa5b9a9272ab7b23e00d33e01cb0534332df600af222851d20
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99