URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Submission: On January 11 via manual from BR — Scanned from JP

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 54.173.41.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is safe.sur.ly. The Cisco Umbrella rank of the primary domain is 551205.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time safe.sur.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 11 54.173.41.122 14618 (AMAZON-AES)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 8 172.67.74.235 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 69.10.58.85 19318 (IS-AS-1)
4 142.251.222.2 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
27 9
Apex Domain
Subdomains
Transfer
24 sur.ly
safe.sur.ly — Cisco Umbrella Rank: 551205
cdn.sur.ly — Cisco Umbrella Rank: 253748
img.sur.ly — Cisco Umbrella Rank: 485260
sur.ly — Cisco Umbrella Rank: 200843
78 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
178 KB
1 googlesyndication.com
cca96a28eb164b8ebb3d9a26a3054f58.safeframe.googlesyndication.com
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 3x3x3.biz
3x3x3.biz
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
109 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 332
34 KB
27 7
Domain Requested by
12 cdn.sur.ly safe.sur.ly
cdn.sur.ly
9 sur.ly 4 redirects safe.sur.ly
4 securepubads.g.doubleclick.net www.googletagservices.com
safe.sur.ly
securepubads.g.doubleclick.net
2 safe.sur.ly 1 redirects
1 cca96a28eb164b8ebb3d9a26a3054f58.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 3x3x3.biz safe.sur.ly
1 www.googletagmanager.com safe.sur.ly
1 img.sur.ly 1 redirects
1 www.googletagservices.com safe.sur.ly
27 10

This site contains links to these domains.

Domain
sur.ly
Subject | Issuer | Validity | Valid
safe.sur.ly | R11 | 2024-11-22 - 2025-02-20 | 3 months
sur.ly | WE1 | 2024-12-01 - 2025-03-01 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-09 - 2025-03-03 | 3 months
*.google-analytics.com | WR2 | 2024-12-09 - 2025-03-03 | 3 months
*.3x3x3.biz | R11 | 2024-12-24 - 2025-03-24 | 3 months

This page contains 4 frames:

Primary Page: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Frame ID: E4938C5558F00B6C01D47B34DE5A2536
Requests: 24 HTTP requests in this frame

Frame: https://3x3x3.biz/link/118
Frame ID: 6C743E4170C19F8F029A18871490F9CA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 74B419C5493BDF9CC3AC781C523C7D45
Requests: 1 HTTP requests in this frame

Frame: https://cca96a28eb164b8ebb3d9a26a3054f58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EC65BB6F66E2A74E5433BE1DE2E345A
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

81 %
HTTPS

56 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

396 kB
Transfer

1145 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://img.sur.ly/favicons/3/3x3x3.biz.ico HTTP 307
  • https://cdn.sur.ly/img/default_favicon.ico
Request Chain 8
  • https://sur.ly/surly/images/platforms/wp.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/wp.png
Request Chain 9
  • https://sur.ly/surly/images/platforms/jml.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/jml.png
Request Chain 10
  • https://sur.ly/surly/images/platforms/drpl.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/drpl.png
Request Chain 11
  • https://sur.ly/surly/images/platforms/php.png HTTP 301
  • https://cdn.sur.ly/surly/images/platforms/php.png
Request Chain 14
  • https://safe.sur.ly/external?url=3x3x3.biz%2Flink%252F118&forceHttps=0&panel_lang=en HTTP 302
  • https://3x3x3.biz/link/118

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 118
safe.sur.ly/i/https://www.3x3x3.biz/link/
16 KB
4 KB
Document
General
Full URL
https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
56a4af3249741f109c05dcbce6e1f776bab544453f20d75c4a14baaab30ba07c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 11 Jan 2025 02:16:40 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
vary
Accept-Encoding User-Agent
x-robots-tag
noindex
jquery.min.js
cdn.sur.ly/js/
91 KB
33 KB
Script
General
Full URL
https://cdn.sur.ly/js/jquery.min.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62a6bbba-16cfb"
age
1212508
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1RlzOAJVb06WWM8nYhZZol%2Bny%2BlT8O9aChPS%2B4AtTJWp7uT1hDGBl0FOHvMSxZ%2FlRhb3BTCRIbo8MmI7XS3H2As9q8B%2BOedkwWuValUYO0I8L09FAl2wmYsZeieUDUWujVIojS2ZvA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 29 Dec 2024 07:38:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=971&min_rtt=941&rtt_var=139&sent=12&recv=17&lost=0&retrans=0&sent_bytes=5796&recv_bytes=2475&delivery_rate=3984236&cwnd=253&unsent_bytes=0&cid=691daf85cfc322d7&ts=16&x=0"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/javascript
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f91ce0fcc1-NRT
server
cloudflare
device.js
cdn.sur.ly/js/
3 KB
1 KB
Script
General
Full URL
https://cdn.sur.ly/js/device.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62a6bbba-a2d"
age
1528694
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYscqa5k1GvwySHKIpTmTjvuuLL6wgWrFviYw9acl12ea8n8z9AjeyJ5hy5Y%2FLiXwwyLVwYkmnCD%2Bg%2FyLmfYmxkTS%2F%2FEzKb%2Brkb5%2FOFiBCmF51qtUN5zmHF5vDkUJiU1X270TgCwqdc%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 18 Jan 2025 21:08:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=989&min_rtt=941&rtt_var=139&sent=52&recv=18&lost=0&retrans=0&sent_bytes=40612&recv_bytes=2475&delivery_rate=3984236&cwnd=253&unsent_bytes=0&cid=691daf85cfc322d7&ts=17&x=0"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/javascript
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f91ce1fcc1-NRT
server
cloudflare
panel.js
cdn.sur.ly/js/
4 KB
2 KB
Script
General
Full URL
https://cdn.sur.ly/js/panel.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96df360cabc3764a804e184c41406c405eec510ef54756ac59bc253cf0801d61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62a6bbba-e5b"
age
1478756
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2qt5O%2BJxc13jDA2thzOCSWPmrV8ngHz9%2BTw1xjBK%2Bglvs51xQluGAnv2%2BTwl9RHGhaxFb%2BKCGqs0f9a4qnLtOKgHtX2P8KRh2%2FeRcpC7hky25dvuLNn62YX6d6m0QaboFWwCU4IguA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 18 Jan 2025 23:02:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=971&min_rtt=941&rtt_var=139&sent=9&recv=17&lost=0&retrans=0&sent_bytes=4042&recv_bytes=2475&delivery_rate=3984236&cwnd=253&unsent_bytes=0&cid=691daf85cfc322d7&ts=16&x=0"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/javascript
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f91ce2fcc1-NRT
server
cloudflare
panel.css
cdn.sur.ly/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sur.ly/css/panel.css
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965927282408a0c1384214531aeb2070e3ee108f43b370bdba2680e75ad5f533

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"62a6bbba-4026"
age
1029076
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=es5rCSLwTLd%2Bn4quc5r8xj1LToROUBwvbX9Chzg7oHbEgtkXvE60XxMHeNjfpwK2C3QZiCWAa6IjwvFpKxRURFKSVoSxjnIgVA6VcRjwKOAXCUaWjdYZBGRqxVnxX%2FqA6bzfXVGYai0%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 26 Jan 2025 06:04:46 GMT
cf-polished
origSize=16422
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1048&min_rtt=941&rtt_var=78&sent=55&recv=25&lost=0&retrans=0&sent_bytes=41903&recv_bytes=2475&delivery_rate=8295384&cwnd=255&unsent_bytes=0&cid=691daf85cfc322d7&ts=17&x=0"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/css
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f91cdffcc1-NRT
server
cloudflare
desktop.js
cdn.sur.ly/desktop/js/
5 KB
2 KB
Script
General
Full URL
https://cdn.sur.ly/desktop/js/desktop.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687aa3f2e902b02283d9a08521b7d77314cd2c7a1c921006974c8e40382bae08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"62a6bbba-264b"
age
1055476
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3A%2FnDMQUIDV%2B%2BffVtnUdMXNMzg980xOBZUBLtDprkgUBhgAL5QfF4yN6%2Bmvu4sd7b7NNjLPVhhxOpcVDx6ZwGAD7exFOPFlXvrGGVo%2BUmY9GYHI%2BZHq3lohMC0vmEPRw2hxlGqUHkUo%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Jan 2025 03:06:55 GMT
cf-polished
origSize=9803
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1124&min_rtt=941&rtt_var=75&sent=60&recv=31&lost=0&retrans=0&sent_bytes=45025&recv_bytes=2475&delivery_rate=38698564&cwnd=255&unsent_bytes=0&cid=691daf85cfc322d7&ts=17&x=0"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/javascript
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f91ce4fcc1-NRT
server
cloudflare
gpt.js
www.googletagservices.com/tag/js/
107 KB
34 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef63dd401693bf54fdc2f66f9986dbf63a655164ad0def2560c15305744e74e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
br
etag
285 / 20099 / 31089583 / config-hash: 17215036185971154211
x-content-type-options
nosniff
expires
Sat, 11 Jan 2025 02:16:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33867
x-xss-protection
0
server
cafe
favicon_sur.ly_white_32px.png
cdn.sur.ly/
660 B
1 KB
Image
General
Full URL
https://cdn.sur.ly/favicon_sur.ly_white_32px.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e1c897dcf175c8d98561fb24cb06aa2d6860fba7a24eb90d4c60cfe5a9e5b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-499"
age
867934
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vweQ2two40ZgYzjtVizM2xImR4Rg79cApA1FzByNaRtkjKoyCuFZu%2F7gp6iT8Xe%2FHeO67TV4sXLEj%2BYEV7%2BPaGeYwbG1CK2LHcej9Ml82aIvw9VETkeIwyp0XUM%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Jan 2025 07:26:12 GMT
cf-polished
origFmt=png, origSize=1177
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2305&min_rtt=1148&rtt_var=1112&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4317&recv_bytes=4744&delivery_rate=1038&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=52&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/webp
content-disposition
inline; filename="favicon_sur.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f94e02dfd9-NRT
accept-ranges
bytes
content-length
660
server
cloudflare
default_favicon.ico
cdn.sur.ly/img/
Redirect Chain
  • https://img.sur.ly/favicons/3/3x3x3.biz.ico
  • https://cdn.sur.ly/img/default_favicon.ico
726 B
1 KB
Image
General
Full URL
https://cdn.sur.ly/img/default_favicon.ico
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62a6bbba-2d6"
age
2264
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5R5JCOPeXgralJzScJsMNZF4eJkxb%2FjfvlaKqm6MlwoZO4umenooGowCfaDCpBOXhO6Fni40mFRf2wRkdMp6050aIWnahjNrzh1fegADIAi10Cq8isscjFAAtwI%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 27 Jan 2025 05:05:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2118&min_rtt=1148&rtt_var=960&sent=18&recv=13&lost=0&retrans=0&sent_bytes=6791&recv_bytes=5186&delivery_rate=129202&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=269&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/x-icon
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167faafbddfd9-NRT
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
location
https://cdn.sur.ly/img/default_favicon.ico
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPhHL1EdsSAwljaqIGFP%2BNzwJoMh3%2FR8RyiM06fETcaW63SvR0%2FLrauO6dhSMCdsqpbEi3D8mYb5dSe5v0btU%2BtvgH%2BENeyXal3lTUUKTRc2nFu%2FPfpA2%2FEMEOE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
900167f95e0adfd9-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2225&min_rtt=1148&rtt_var=995&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5822&recv_bytes=4787&delivery_rate=94020&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=250&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
wp.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/wp.png
  • https://cdn.sur.ly/surly/images/platforms/wp.png
4 KB
5 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/wp.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba6393369ae26cdaf4fda3d724db47e6c6a27c1ff94c4f4440f59373891b06c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-293a"
age
1391704
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAPVNyEUj%2FflCv4vfHiwGPZBw28SfTjwe1HWWQ3tMwodfcwKNrKGI45mHdndtDgpWR0ncO6kBupg77VEyS88a1KM%2F6fd%2B7ztkGS8G%2BfW3UIdlXafFgqblhvwHEc%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 18 Jan 2025 18:06:37 GMT
cf-polished
origFmt=png, origSize=10554
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2056&min_rtt=1148&rtt_var=810&sent=28&recv=19&lost=0&retrans=0&sent_bytes=14713&recv_bytes=6680&delivery_rate=114558&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=395&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/webp
content-disposition
inline; filename="wp.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167fb7885dfd9-NRT
accept-ranges
bytes
content-length
4330
server
cloudflare

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/wp.png
content-length
185
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/html
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
jml.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/jml.png
  • https://cdn.sur.ly/surly/images/platforms/jml.png
6 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/jml.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5af72bed6161fd02ece4c963700082b7d86d4ea536b740115da62c4729d62f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-296a"
age
1048563
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQp4pjob7YFF%2B4AL0VkK94x3fUiYabDL%2Bybl1to5nEI7mxWwJEEMcF4TUoKuz5fL0JX4AzJLoAEJex8pyYLkbsMfCQ%2FpJJJDEup7IXdflWSTbyjw4s4PBORS%2BLs%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 18 Jan 2025 00:12:19 GMT
cf-polished
origFmt=png, origSize=10602
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1900&min_rtt=1148&rtt_var=452&sent=33&recv=23&lost=0&retrans=0&sent_bytes=19922&recv_bytes=6852&delivery_rate=920233&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=396&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/webp
content-disposition
inline; filename="jml.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167fb7886dfd9-NRT
accept-ranges
bytes
content-length
5752
server
cloudflare

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/jml.png
content-length
185
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/html
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
drpl.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/drpl.png
  • https://cdn.sur.ly/surly/images/platforms/drpl.png
5 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/drpl.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6dfe71179b148708d299980302200a1ba864d38072d1e96166ec05d11dc217

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-1e34"
age
1207681
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra3DWugJrBeoqBLhqRj4nAx5YtYzFT%2FxphSW4yZ55EN5sMN%2Bo3VKNUJYn1RK%2B7cta%2BrOvINMcZfwsQXhwPiB5D%2BF%2B70KhgXUASPAJ%2FGBSNhc4KR%2F12VuWsWXbcM%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Jan 2025 09:59:45 GMT
cf-polished
origFmt=png, origSize=7732
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2056&min_rtt=1148&rtt_var=810&sent=22&recv=19&lost=0&retrans=0&sent_bytes=8322&recv_bytes=6680&delivery_rate=114558&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=394&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/webp
content-disposition
inline; filename="drpl.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167fb7883dfd9-NRT
accept-ranges
bytes
content-length
5480
server
cloudflare

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/drpl.png
content-length
185
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/html
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
php.png
cdn.sur.ly/surly/images/platforms/
Redirect Chain
  • https://sur.ly/surly/images/platforms/php.png
  • https://cdn.sur.ly/surly/images/platforms/php.png
6 KB
6 KB
Image
General
Full URL
https://cdn.sur.ly/surly/images/platforms/php.png
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec8d075b1f6aa1ac3f7de58d8f47df98b8a91ee8a93d8712579568e66c4b490

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cf-bgj
imgq:100,h2pri
etag
"62a6bbba-22ac"
age
967074
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSR%2FGdQdbLQP5Tyh9PwQGjdsjjZHJEPHK4vWC6mimsExvhMGusYBUi9ABGLl08Js6Mw43DnuMkaz%2FTf8KIKl5IAz1JTs0Gv1199hD8BS8IO7Yz4UBvbRfu7myFk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 26 Jan 2025 05:53:54 GMT
cf-polished
origFmt=png, origSize=8876
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2056&min_rtt=1148&rtt_var=810&sent=33&recv=19&lost=0&retrans=0&sent_bytes=19922&recv_bytes=6680&delivery_rate=114558&cwnd=12000&unsent_bytes=0&cid=3fae71f89bef80e3&ts=396&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/webp
content-disposition
inline; filename="php.webp"
vary
Accept
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
priority
u=2,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167fb7887dfd9-NRT
accept-ranges
bytes
content-length
5652
server
cloudflare

Redirect headers

location
https://cdn.sur.ly/surly/images/platforms/php.png
content-length
185
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/html
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
js
www.googletagmanager.com/gtag/
324 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a3d8653579a1400346f72a0f6b6e4c997ead8ff09f59b97dfb0e438337bd599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 11 Jan 2025 02:16:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110801
x-xss-protection
0
server
Google Tag Manager
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=5212&r=25271
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-length
43
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
118
3x3x3.biz/link/ Frame 6C74
Redirect Chain
  • https://safe.sur.ly/external?url=3x3x3.biz%2Flink%252F118&forceHttps=0&panel_lang=en
  • https://3x3x3.biz/link/118
0
0
Document
General
Full URL
https://3x3x3.biz/link/118
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.10.58.85 Philadelphia, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
server1.hugehithosting.com
Software
Apache /
Resource Hash

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Jan 2025 02:16:42 GMT
Keep-Alive
timeout=35, max=5000
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=utf-8
date
Sat, 11 Jan 2025 02:16:41 GMT
location
https://3x3x3.biz/link/118
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=5055&r=72150
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-length
43
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=1888&r=11753
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-length
43
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=5893&r=25481
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-length
43
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
stat.php
sur.ly/
43 B
161 B
Image
General
Full URL
https://sur.ly/stat.php?id=9726&r=52024
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 / PHP/8.3.7
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-length
43
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
image/gif
x-powered-by
PHP/8.3.7
server
nginx/1.14.2
referrer-policy
origin-when-cross-origin
surly.ttf
cdn.sur.ly/font/
2 KB
3 KB
Font
General
Full URL
https://cdn.sur.ly/font/surly.ttf
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/css/panel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893f9fbf43e5c59e7f3fde7dc3e3596bca16a8e1e02e0972d456fba3a67cb20a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://safe.sur.ly
Referer
https://cdn.sur.ly/css/panel.css

Response headers

cf-cache-status
HIT
etag
"62a6bbba-988"
age
983697
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tePr3nxdylpecIPX7e79U4DH28OaDO%2BBXrBbQhZLKa51q4%2BV%2B%2F7064wLWHcH4JO3uq1ZbJlIWxG2n9pin03YfGyLtnIHFzIvHSQGfWuUxzLeCq7f2fSHbTTsgk%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 27 Jan 2025 11:04:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1563&min_rtt=1272&rtt_var=409&sent=13&recv=11&lost=0&retrans=0&sent_bytes=3851&recv_bytes=5553&delivery_rate=9915&cwnd=12000&unsent_bytes=0&cid=34f7fa2420e358e6&ts=15&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
application/octet-stream
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
900167f95847d797-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2440
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501070101/
498 KB
155 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501070101/pubads_impl.js?cb=31089583
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
cafe /
Resource Hash
c4dc43341628ff3f8c6f411ebdbd2dab440e758beb666ad7467c79b1acac38e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
br
etag
273197895018558538
age
36940
x-content-type-options
nosniff
expires
Sat, 10 Jan 2026 16:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 10 Jan 2025 16:01:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
158307
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202501090101/
63 KB
23 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202501090101/gpt
Requested by
Host: safe.sur.ly
URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
cafe /
Resource Hash
83fb91b7a817bee2666baef516fc7a7b4c7ed560f6cbd2ad20ac0e2654d30818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5018452012333894652
age
5817
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 00:39:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 11 Jan 2025 00:39:44 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23289
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202501090101"
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L04HQHN9RZ&gtm=45je5190v9103726923za200&_p=1736561801168&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1620184382.1736561802&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736561801&sct=1&seg=0&dl=https%3A%2F%2Fsafe.sur.ly%2Fi%2Fhttps%3A%2F%2Fwww.3x3x3.biz%2Flink%2F118&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1113
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://safe.sur.ly
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/plain
server
Golfe2
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 74B4
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501070101/pubads_impl.js?cb=31089583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2312
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29517
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jan 2025 01:38:09 GMT
expires
Sat, 11 Jan 2025 02:28:09 GMT
last-modified
Mon, 06 Jan 2025 20:43:01 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
871 B
469 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316308642692893&correlator=2448627041337217&eid=31086815%2C31089672%2C31089583%2C83321072&output=ldjh&gdfp_req=1&vrg=202501070101&ptt=17&impl=fifs&iu_parts=275405283%2CSurly-Envelope-Catfish-Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1736561801590&lmt=1736561801&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsafe.sur.ly%2Fi%2Fhttps%3A%2F%2Fwww.3x3x3.biz%2Flink%2F118&vis=1&psz=800x100&msz=0x-1&fws=132&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1736561800989&idt=569&adks=350692623&frm=20&eoidce=1&td=1&egid=35955&tan=0d942769-74f0-4c62-8292-510908a899e0&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501070101/pubads_impl.js?cb=31089583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
cafe /
Resource Hash
9b2b92137c4894dc0fcbe58b4f052a35ce5db64498f3ce98d2df35642d1104ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://safe.sur.ly/

Response headers

content-encoding
dcb
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 11 Jan 2025 02:16:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://safe.sur.ly
content-length
439
x-xss-protection
0
server
cafe
container.html
cca96a28eb164b8ebb3d9a26a3054f58.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EC6
0
0
Document
General
Full URL
https://cca96a28eb164b8ebb3d9a26a3054f58.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501070101/pubads_impl.js?cb=31089583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safe.sur.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jan 2025 02:16:41 GMT
expires
Sat, 11 Jan 2025 02:16:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| $
function| jQuery
object| device
function| Panel
object| App
function| sendAbuseMessage
object| googletag
function| receiveMessage
function| gtag
object| dataLayer
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
object| google_tag_manager
function| onYouTubeIframeAPIReady
object| gaGlobal
object| google_reactive_ads_global_state
object| google_tag_topics_state
number| google_unique_id

10 Cookies

Domain/Path Name / Value
sofiahalbofanimeworld.blogspot.com/2021/06 Name: TESTCOOKIESENABLED
Value: 1
safe.sur.ly/ Name: visitor_id
Value: 07d53d2b7acb8091e9b33a2b4a8a1ed3311b57ad
safe.sur.ly/ Name: surl_panel
Value: 1
.sur.ly/ Name: _ga
Value: GA1.1.1620184382.1736561802
.sur.ly/ Name: _ga_L04HQHN9RZ
Value: GS1.1.1736561801.1.0.1736561801.0.0.0
.sur.ly/ Name: __gads
Value: ID=c686f0e9f9e7b0be:T=1736561801:RT=1736561801:S=ALNI_MbeTq1wfLUWa3rHsP_EuXmPBxE9jA
.sur.ly/ Name: __gpi
Value: UID=00000fe427e7f053:T=1736561801:RT=1736561801:S=ALNI_MY6cB_WbRcNE_JChilbBkTqnfrARg
.sur.ly/ Name: __eoi
Value: ID=02d5cd4e17f33210:T=1736561801:RT=1736561801:S=AA-Afja8cDCyTh-O6ydY0vMUl2b2
.doubleclick.net/ Name: IDE
Value: AHWqTUlNHnBENcKkUXZWoyjVsWnhHwQEszZoeBGbH7CS5dZOmP_7K6i3Rrsu2zZxkHc
sofiahalbofanimeworld.blogspot.com/ Name: a
Value: TcWKaRekiHQUZ8kNTZ7trZisfV1mzvJK

8 Console Messages

Source Level URL
Text
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/jml.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/drpl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/php.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118(Line 472)
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118(Line 472)
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/jml.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118(Line 472)
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/drpl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safe.sur.ly/i/https://www.3x3x3.biz/link/118(Line 472)
Message:
Mixed Content: The page at 'https://safe.sur.ly/i/https://www.3x3x3.biz/link/118' was loaded over HTTPS, but requested an insecure element 'http://sur.ly/surly/images/platforms/php.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
