y5q-4s6.semerudiscovery.com Open in urlscan Pro
46.253.7.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://y5q-4s6.semerudiscovery.com/
Submission: On May 31 via api (May 31st 2024, 9:37:37 am UTC) from US — Scanned from DE

Summary HTTP 242 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 27 domains to perform 242 HTTP transactions. The main IP is 46.253.7.156, located in Bulgaria and belongs to SEVENDC, BG. The main domain is y5q-4s6.semerudiscovery.com.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.

This is the only time y5q-4s6.semerudiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	46.253.7.156 46.253.7.156	216145 (SEVENDC) (SEVENDC)
1	134.195.197.167 134.195.197.167	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1	134.195.197.62 134.195.197.62	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
11	104.21.235.37 104.21.235.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 46	104.21.235.38 104.21.235.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	38.34.183.209 38.34.183.209	18978 (ENZUINC-) (ENZUINC-)
12	2600:9000:26d... 2600:9000:26da:4800:14:1855:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	198.204.238.227 198.204.238.227	33387 (NOCIX) (NOCIX)
4	2606:4700:303... 2606:4700:3036::6815:30b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	199.188.104.100 199.188.104.100	54600 (PEG-SV) (PEG-SV)
7	142.4.125.77 142.4.125.77	54600 (PEG-SV) (PEG-SV)
7	156.251.153.28 156.251.153.28	40065 (CNSERVERS) (CNSERVERS)
7	142.4.105.27 142.4.105.27	54600 (PEG-SV) (PEG-SV)
7	198.2.211.80 198.2.211.80	54600 (PEG-SV) (PEG-SV)
7	137.175.92.58 137.175.92.58	54600 (PEG-SV) (PEG-SV)
14	45.136.119.81 45.136.119.81	18978 (ENZUINC-) (ENZUINC-)
4	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	137.175.77.135 137.175.77.135	54600 (PEG-SV) (PEG-SV)
7	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.136.119.204 45.136.119.204	18978 (ENZUINC-) (ENZUINC-)
7	38.34.183.198 38.34.183.198	18978 (ENZUINC-) (ENZUINC-)
7	198.2.211.136 198.2.211.136	54600 (PEG-SV) (PEG-SV)
8	104.21.234.235 104.21.234.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.0.138.187 142.0.138.187	54600 (PEG-SV) (PEG-SV)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.234.186 104.21.234.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.187.193.94 66.187.193.94	33185 (HIVE-DATA...) (HIVE-DATA-CENTER)
12	46.253.6.155 46.253.6.155	216145 (SEVENDC) (SEVENDC)
1	2606:4700:311... 2606:4700:3110::6812:3638	13335 (CLOUDFLAR...) (CLOUDFLARENET)
242	30

26 46.253.7.156 (Bulgaria) 2 redirects

ASN216145 (SEVENDC, BG)

y5q-4s6.semerudiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.195.197.167 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 167-197-195-134.clients.gthost.com

x01-49z.discount-micro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.195.197.62 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 62-197-195-134.clients.gthost.com

tong--ji.discount-micro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.21.235.37 (None, )

ASN13335 (CLOUDFLARENET, US)

img10.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img11.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 104.21.235.38 (None, ) 10 redirects

ASN13335 (CLOUDFLARENET, US)

img.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img12.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 38.34.183.209 (Chicago, United States)

ASN18978 (ENZUINC-, US)
PTR: 209.183-34-38.rdns.scalabledns.com

2231tc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:26da:4800:14:1855:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

pppmmm.tututufafafa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tupain2.baitu4lliltvmwelqubyqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.204.238.227 (United States)

ASN33387 (NOCIX, US)

pjkbv034cbdft6qwd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:30b3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.3400tupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.188.104.100 (United States)

ASN54600 (PEG-SV, US)
PTR: 7-darossaurca.com

9323tpdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.4.125.77 (United States)

ASN54600 (PEG-SV, US)

cai75tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 156.251.153.28 (United States)

ASN40065 (CNSERVERS, US)

dgtc1.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.4.105.27 (United States)

ASN54600 (PEG-SV, US)

tp.8122778899.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.2.211.80 (United States)

ASN54600 (PEG-SV, US)

6399tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 137.175.92.58 (United States)

ASN54600 (PEG-SV, US)

tp.7859778899.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.136.119.81 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)
PTR: 81.119-136-45.rdns.scalabledns.com

8208tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 137.175.77.135 (United States)

ASN54600 (PEG-SV, US)

9216tp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tupain2.baitu4lliltvmwelqubyqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.136.119.204 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)
PTR: 204.119-136-45.rdns.scalabledns.com

c8932888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 38.34.183.198 (Chicago, United States)

ASN18978 (ENZUINC-, US)
PTR: 198.183-34-38.rdns.scalabledns.com

1325tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.2.211.136 (United States)

ASN54600 (PEG-SV, US)

www.9129666tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.234.235 (None, )

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.0.138.187 (United States)

ASN54600 (PEG-SV, US)

tutu.facaiimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

img.ooo-17.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.186 (None, )

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.187.193.94 (Montreal, Canada)

ASN33185 (HIVE-DATA-CENTER, CA)

ztwyqsgdh.dglietou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.253.6.155 (Bulgaria)

ASN216145 (SEVENDC, BG)

s1x3d.mexicorecreation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:3638 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bootcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	chkaja.com 10 redirects img10.chkaja.com — Cisco Umbrella Rank: 985503 img.chkaja.com — Cisco Umbrella Rank: 569566 img11.chkaja.com — Cisco Umbrella Rank: 937759 img12.chkaja.com — Cisco Umbrella Rank: 849412	2 MB
26	semerudiscovery.com 2 redirects y5q-4s6.semerudiscovery.com	149 KB
15	baitu4lliltvmwelqubyqm.com tupain2.baitu4lliltvmwelqubyqm.com	2 MB
14	8208tp.com 8208tp.com	371 KB
12	mexicorecreation.com s1x3d.mexicorecreation.com	10 KB
12	tututufafafa.com pppmmm.tututufafafa.com — Cisco Umbrella Rank: 970871	2 MB
8	z4a.net z4a.net — Cisco Umbrella Rank: 509203	99 KB
7	facaiimage.com tutu.facaiimage.com	208 KB
7	9129666tp.com www.9129666tp.com	376 KB
7	1325tp.com 1325tp.com	156 KB
7	c8932888tp.com c8932888tp.com	113 KB
7	9216tp1.com 9216tp1.com	143 KB
7	7859778899.com tp.7859778899.com	201 KB
7	6399tp.com 6399tp.com	301 KB
7	8122778899.com tp.8122778899.com	260 KB
7	dgtc1.top dgtc1.top	410 KB
7	cai75tp.com cai75tp.com	183 KB
7	9323tpdy.com 9323tpdy.com	219 KB
7	pjkbv034cbdft6qwd.com pjkbv034cbdft6qwd.com	224 KB
7	2231tc.com 2231tc.com	264 KB
4	ooo-17.ltd img.ooo-17.ltd	555 KB
4	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 18648	561 KB
4	3400tupian.com www.3400tupian.com	283 KB
2	dglietou.com ztwyqsgdh.dglietou.com
2	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 89887	237 KB
2	discount-micro.com x01-49z.discount-micro.com tong--ji.discount-micro.com	3 KB
1	bootcdn.net cdn.bootcdn.net — Cisco Umbrella Rank: 110314	8 KB
242	27

	Domain	Requested by
36	img12.chkaja.com	y5q-4s6.semerudiscovery.com
26	y5q-4s6.semerudiscovery.com	2 redirects y5q-4s6.semerudiscovery.com
15	tupain2.baitu4lliltvmwelqubyqm.com	y5q-4s6.semerudiscovery.com
14	8208tp.com	y5q-4s6.semerudiscovery.com
12	s1x3d.mexicorecreation.com	y5q-4s6.semerudiscovery.com
12	pppmmm.tututufafafa.com	y5q-4s6.semerudiscovery.com
10	img.chkaja.com	10 redirects
8	z4a.net	y5q-4s6.semerudiscovery.com
8	img11.chkaja.com	y5q-4s6.semerudiscovery.com
7	tutu.facaiimage.com	y5q-4s6.semerudiscovery.com
7	www.9129666tp.com	y5q-4s6.semerudiscovery.com
7	1325tp.com	y5q-4s6.semerudiscovery.com
7	c8932888tp.com	y5q-4s6.semerudiscovery.com
7	9216tp1.com	y5q-4s6.semerudiscovery.com
7	tp.7859778899.com	y5q-4s6.semerudiscovery.com
7	6399tp.com	y5q-4s6.semerudiscovery.com
7	tp.8122778899.com	y5q-4s6.semerudiscovery.com
7	dgtc1.top	y5q-4s6.semerudiscovery.com
7	cai75tp.com	y5q-4s6.semerudiscovery.com
7	9323tpdy.com	y5q-4s6.semerudiscovery.com
7	pjkbv034cbdft6qwd.com	y5q-4s6.semerudiscovery.com
7	2231tc.com	y5q-4s6.semerudiscovery.com
4	img.ooo-17.ltd	y5q-4s6.semerudiscovery.com
4	imagedelivery.net	y5q-4s6.semerudiscovery.com
4	www.3400tupian.com	y5q-4s6.semerudiscovery.com
3	img10.chkaja.com	y5q-4s6.semerudiscovery.com
2	ztwyqsgdh.dglietou.com	y5q-4s6.semerudiscovery.com
2	images.weserv.nl	y5q-4s6.semerudiscovery.com
1	cdn.bootcdn.net	x01-49z.discount-micro.com
1	tong--ji.discount-micro.com	y5q-4s6.semerudiscovery.com
1	x01-49z.discount-micro.com	y5q-4s6.semerudiscovery.com
242	31

This site contains links to these domains. Also see Links.

Domain
vo9xia.zai.castingwheels.com

Subject Issuer	Validity	Valid
029gdh.wjburley.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
x01-49z.discount-micro.com R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
tong--ji.discount-micro.com R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
chkaja.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
2231tc.com R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
pppmmm.tututufafafa.com Amazon RSA 2048 M02	`2024-03-29` - `2025-04-28`	a year	crt.sh
baitu4lliltvmwelqubyqm.com GTS CA 1P5	`2024-05-01` - `2024-07-30`	3 months	crt.sh
pjkbv034cbdft6qwd.com Certum Domain Validation CA SHA2	`2023-08-08` - `2024-09-06`	a year	crt.sh
3400tupian.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
9323tpdy.com R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
cai75tp.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
dgtc1.top R3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
tp.8122778899.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
6399tp.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
tp.7859778899.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
8208tp.com R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
imagedelivery.net E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
9216tp1.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
c8932888tp.com R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
1325tp.com R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
www.9129666tp.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
z4a.net GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
facaiimage.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-23` - `2025-02-22`	a year	crt.sh
ooo-17.ltd GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
weserv.nl GTS CA 1P5	`2024-04-11` - `2024-07-10`	3 months	crt.sh
ztwyqsgdh.dglietou.com R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
s1x3d.mexicorecreation.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
cdn.bootcdn.net E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://y5q-4s6.semerudiscovery.com/
Frame ID: F0468510D1C32636B63B3986ECE88D1C
Requests: 7 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/tb/
Frame ID: DD2B6462DE859E9E924740C3377EA9EA
Requests: 5 HTTP requests in this frame

Frame: https://tong--ji.discount-micro.com:2053/gdh.html
Frame ID: 87B5AD1EDF88F13F3BDE3750DD094D5E
Requests: 1 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/yjjy/
Frame ID: 136240CD356874636724F1DFDB5C306B
Requests: 50 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
Frame ID: 60062828BA853B7034A818D82D7ACB19
Requests: 1 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/02949.html
Frame ID: 0160DFEBB36DCFBCC0E9E9422E6A6172
Requests: 1 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Frame ID: E6E1DF7771C3EBE02DC69FB026FEB155
Requests: 55 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Frame ID: DCC5925CB755AA537C3C01B9DBFAC136
Requests: 55 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Frame ID: 620FE0121D17F85C0EBB05291E4E42FA
Requests: 54 HTTP requests in this frame

Frame: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm
Frame ID: 752B111316D6FB7E54910ABE5818D6E6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【廣.東.會】致力打造，火热全网！

Page Statistics

242
Requests

86 %
HTTPS

13 %
IPv6

27
Domains

31
Subdomains

30
IPs

5
Countries

11328 kB
Transfer

61320 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vo9xia.zai.castingwheels.com:8443/0149dh/
Title: 下载APP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://y5q-4s6.semerudiscovery.com/tb HTTP 301
https://y5q-4s6.semerudiscovery.com/tb/

Request Chain 6

https://y5q-4s6.semerudiscovery.com/yjjy HTTP 301
https://y5q-4s6.semerudiscovery.com/yjjy/

Request Chain 17

https://img.chkaja.com/dc5b1de0a2ded0ef.gif HTTP 301
https://img11.chkaja.com/files/20240310/dc5b1de0a2ded0ef.gif

Request Chain 44

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 49

https://img.chkaja.com/d1dd9b9aeb521df8.gif HTTP 301
https://img12.chkaja.com/files/20240419/d1dd9b9aeb521df8.gif

Request Chain 54

https://img.chkaja.com/dfa5c2b123b097b1.gif HTTP 301
https://img12.chkaja.com/files/20240419/dfa5c2b123b097b1.gif

Request Chain 95

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 139

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 171

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 193

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 215

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Request Chain 236

https://img.chkaja.com/2294fd311d5ec49d.gif HTTP 301
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

242 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
y5q-4s6.semerudiscovery.com/ 9 KB
5 KB 373ms
31ms Document
text/html 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

e4cc67588b583296adfce78f7999d1395eff290ecf1125a76bcab7f09ada2065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:26 GMT
etag: W/"665432b3-25f7"
last-modified: Mon, 27 May 2024 07:13:55 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
y5q-4s6.semerudiscovery.com/skin/css/ 28 KB
8 KB 38ms
37ms Stylesheet
text/css 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/skin/css/style.css

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

5ae9d1a925e5ff73ccb4ddd1e1347d00e065d1efe76942e6820e6213dc761c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 May 2024 14:41:18 GMT
server: nginx
etag: W/"6655ed0e-7024"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 tbv84f.js Show response
y5q-4s6.semerudiscovery.com/tb/ 1 KB
910 B 38ms
38ms Script
application/javascript 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/tb/tbv84f.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

f7050848032079339fc54cf1cb0b7f29e94dceccba050bdf0a8fec314554c66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 May 2024 14:40:52 GMT
server: nginx
etag: W/"6655ecf4-472"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 wenzhangc0sh.js Show response
y5q-4s6.semerudiscovery.com/yjjy/ 2 KB
1 KB 39ms
39ms Script
application/javascript 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/wenzhangc0sh.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

789fecee97496327e0a92bba6935a848b6b48abbe5b60296d7de8a5aa0bddc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 05:23:17 GMT
server: nginx
etag: W/"65c70845-6e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 app.js Show response
x01-49z.discount-micro.com/ 12 KB
3 KB 950ms
160ms Script
application/javascript 134.195.197.167
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://x01-49z.discount-micro.com:2053/app.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.167 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

167-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

e1ba4eac9df9e93b52b44220699d05f4f099f856f33255483ef6ad6d0b0d5743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 06 May 2024 03:06:51 GMT
server: nginx
etag: W/"6638494b-2e20"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:27 GMT

GET
H2

200

/ Show response
y5q-4s6.semerudiscovery.com/tb/ Frame DD2B
Redirect Chain

https://y5q-4s6.semerudiscovery.com/tb
https://y5q-4s6.semerudiscovery.com/tb/

3 KB
1 KB

32ms
32ms

Document
text/html

46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/tb/

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/tbv84f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

ab02698820a9b474d1dda26aa8ed7ea10db4f22f980ea62fadce06378f3f3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:26 GMT
etag: W/"6655ecdc-b3a"
last-modified: Tue, 28 May 2024 14:40:28 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 31 May 2024 09:37:26 GMT
location: https://y5q-4s6.semerudiscovery.com/tb/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 gdh.html
tong--ji.discount-micro.com/ Frame 87B5 0
0 654ms
160ms Document
text/html 134.195.197.62
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://tong--ji.discount-micro.com:2053/gdh.html

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.62 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

62-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 580
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: "65640bf6-244"
last-modified: Mon, 27 Nov 2023 03:24:38 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

/ Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame 1362
Redirect Chain

https://y5q-4s6.semerudiscovery.com/yjjy
https://y5q-4s6.semerudiscovery.com/yjjy/

133 KB
20 KB

33ms
33ms

Document
text/html

46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/wenzhangc0sh.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b38088991f596027f307e2a5041806cb1df9c991a41d3012bb7ec9d1d9ba84ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:26 GMT
etag: W/"66596cae-21386"
last-modified: Fri, 31 May 2024 06:22:38 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 31 May 2024 09:37:26 GMT
location: https://y5q-4s6.semerudiscovery.com/yjjy/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 zwz.js Show response
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame DD2B 217 B
430 B 41ms
40ms Script
application/javascript 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/zwz.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

a3f5da2f37d48bde32193047c322a054d8fae13e0388c97aa8a76c2a88e82d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/tb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 May 2024 01:34:31 GMT
server: nginx
etag: "663ecb27-d9"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 217
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H3 200 cbd6abd603e97465.png
img10.chkaja.com/files/20240109/ Frame DD2B 31 KB
32 KB 85ms
41ms Image
image/png 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240109/cbd6abd603e97465.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74753e038b1e7455a308bc79112beb7615f6b853ae5ffb6bf88e92b81ccc997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5444851
alt-svc: h3=":443"; ma=86400
content-length: 32015
last-modified: Tue, 09 Jan 2024 10:03:31 GMT
server: cloudflare
etag: "659d19f3-7d0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHb4D0uCx%2FlILsqORaJiJ9MuAXR8YdKGFQysxq3sRUN3Jj5vbhJKiKHdjv21dsAwS5N1wK%2FJNMKXu4iVMjS2YNY%2BUGx6%2Fkzx9hyyYIcIDx0rPs5EdSFS3ganKRfT3LvGyNyn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3edbae35ea-FRA
priority: u=2,i
expires: Sat, 29 Mar 2025 09:09:55 GMT

GET
H2 200 sty1e.css
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 2 KB
965 B 34ms
34ms Stylesheet
text/css 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/sty1e.css

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b7efb321f18d47784d0acc92b8b29c7f5444f18874f9d28c4fde985f9d488d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 06:25:00 GMT
server: nginx
etag: W/"617f883c-618"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 icon1.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 11 KB
11 KB 35ms
34ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/icon1.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3e6efe0815c9ea5b4502dd6c714ad9b2d6a191c7ca9b6bb15da50201f744edaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:20 GMT
server: nginx
etag: "61831f4c-2c05"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11269
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 icon2.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 11 KB
11 KB 36ms
36ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/icon2.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

6cd8f1af5a0fbf8ad900df3c173f1738929b115a84245b71c945f193d298df2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:22 GMT
server: nginx
etag: "61831f4e-2c06"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11270
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 icon3.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 10 KB
10 KB 34ms
34ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/icon3.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

1104e712e03efa5a2d26d91c4a5e9c4520565ab74502e2cec9f8bb95331907c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:22 GMT
server: nginx
etag: "61831f4e-2883"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10371
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 icon4.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 11 KB
11 KB 35ms
35ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/icon4.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

9f47cb14e759d2e75e90c421e6f382626c3978cc676b5ec9ff792ae7d09e331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:24 GMT
server: nginx
etag: "61831f50-2a76"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10870
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 icon5.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 11 KB
11 KB 99ms
99ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/icon5.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

dce826e006580a87880617fa0f71161975fcc4d5a9839c868e11613fd5820fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:24 GMT
server: nginx
etag: "61831f50-2aae"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10926
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H3 200 514c5d90740434a2.gif
img10.chkaja.com/files/20240125/ Frame 1362 16 KB
16 KB 58ms
28ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/514c5d90740434a2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712422
alt-svc: h3=":443"; ma=86400
content-length: 16323
last-modified: Thu, 25 Jan 2024 03:50:43 GMT
server: cloudflare
etag: "65b1da93-3fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUqmhU%2BC65qSzEFe3vuvZ9FVqB%2FSCSHMM9sfX0rdLww7PEYpI%2Bw8WVBf1%2BoRe8LlQ7CS7KiKBG8DiSCsvE%2Fnn7MkcfuHY0iGRW3zu6BdYzlWwuG%2FSTt5irfrE1LMkgVT2vl0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3edbaf35ea-FRA
priority: u=3,i
expires: Fri, 23 May 2025 03:43:43 GMT

GET
H3 200 03b5328e493b7c8b.png
img10.chkaja.com/files/20240125/ Frame 1362 111 KB
112 KB 155ms
126ms Image
image/png 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/03b5328e493b7c8b.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5259885
alt-svc: h3=":443"; ma=86400
content-length: 113649
last-modified: Thu, 25 Jan 2024 03:57:19 GMT
server: cloudflare
etag: "65b1dc1f-1bbf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBwrAowtzuIW7%2B0dzOK14B9O8ep%2BGK4MaW93RW7z5XkgptDSghcE2GSLkQV965ve2WN09l1ZCd64BPeaLrLOkUP2%2FBMraeB8F%2FhoV%2FkCbAoA6BFO5K6MagY7zBZyQ9c9HnKD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3edbaa35ea-FRA
priority: u=3,i
expires: Mon, 31 Mar 2025 12:32:41 GMT

GET
H3

200

dc5b1de0a2ded0ef.gif
img11.chkaja.com/files/20240310/ Frame 1362
Redirect Chain

https://img.chkaja.com/dc5b1de0a2ded0ef.gif
https://img11.chkaja.com/files/20240310/dc5b1de0a2ded0ef.gif

23 KB
24 KB

56ms
56ms

Image
image/gif

104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240310/dc5b1de0a2ded0ef.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810363e87aad16acb5b7c1bdeb3b1492759096af3e4c8bff6303d8b9780e9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 974402
alt-svc: h3=":443"; ma=86400
content-length: 23971
last-modified: Sun, 10 Mar 2024 14:34:07 GMT
server: cloudflare
etag: "65edc4df-5da3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4GuZ%2FixyjCprJUltfxf1YJiqXgvrDENGmjozjnyKuI7t%2BXOzlzA9SinYhY3l2nzKq8De4cz0LYlZXI4G1uLVR5bVdER7H%2FXhrzcWnqBYu%2FOCloPy5kwwJX5d5n%2FV6OwK8Fz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc43d9d135ea-FRA
priority: u=1,i
expires: Tue, 20 May 2025 02:57:25 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vUVy5EEtvTe44qhTp7Jl1vTa8L7lRJmOO1fSCttLGFHiM3XL8kIbwXihr2kQTioyjs20%2BcbIwqQHfcBx85oUgIfkD3eXb403A%2BjY9sWu3H4mKTwZ33onxoKAeyypMcIAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img11.chkaja.com/files/20240310/dc5b1de0a2ded0ef.gif
cf-ray: 88c5fc3eef093664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H2 200 jc.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 14 KB
14 KB 100ms
96ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/jc.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Apr 2023 12:12:46 GMT
server: nginx
etag: "64315a3e-3870"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14448
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 zym.js Show response
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 108 B
321 B 99ms
99ms Script
application/javascript 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/zym.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

4bfb1722a6a8b3dbb06098c521a99934bcd3c2e6dd65ac68ab040bf9e249a7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 May 2024 01:35:06 GMT
server: nginx
etag: "663ecb4a-6c"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 108
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame 1362 263 KB
264 KB 1663ms
294ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 1362 439 KB
440 KB 242ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 02:02:46 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 200081
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0SCF7FizEX_mO4RxlphpruY9TcLkQCA7dwiCh48Dah1EajnZquVKiQ==
expires: Fri, 28 Jun 2024 02:02:46 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 1362 810 KB
811 KB 83ms
23ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 794566
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7z4AvwQXNHJWIBCi74TIAnXfMZMNX0y8%2Bs9bmWibp3Z8PwnYmQJOshMntpAbWkeUgc9irQDNfhNvIEgTo1OlsOjZvx8pgW3gx%2FYl5u0JEUx3qf8LDTS6S0cXTlBGEkTjs5%2FIKWOPytXM%2BK2NA%2B1zb2Lt0Nb%2FN6wj9UE83HmX39M"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dac3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Jun 2024 22:05:22 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 1362 223 KB
224 KB 547ms
124ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 1362 282 KB
283 KB 92ms
28ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 699867
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BNXsLKbVRP%2Bt1bNKybiG6nmiVrSPCEByBHFND5DYfc1CC4bFsNMOZ41wV7L5ayzO1qQ4mT%2BU1HLHnq0cqZQYUjjkTNQ5c40PMTlq1RMJsM4301yI2T1hwZ%2FFZoFma3dp2pKAXFQHQOmJXydsAL1dsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc3f1b29bba7-FRA
expires: Sun, 16 Jun 2024 06:42:04 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 1362 638 KB
639 KB 116ms
57ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d50464bd958dc1a78ce17291b39dbd05e4b105aed51ba1ab165bf7a000ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 06:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1384557
etag: "66430920-9f882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwCo%2FIty4OSPtf1nlnfKQaDGSuinzXZPxsw0z%2B58e%2BDMpMvFoCfybHLUhx4FxkGlouzb2RQFo3PHlTMiXdvPGIr0QRPDW9KVKT%2BEH5RV9EoozAQEQm0MDqrN%2Fl3Vy8ryqJ3JyZKF4iDChRjruabLSBjQWfqlFXwGMtnGv55QeK1L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dae3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jun 2024 07:56:16 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 1362 272 KB
272 KB 168ms
131ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame 1362 219 KB
219 KB 1573ms
323ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame 1362 182 KB
183 KB 1439ms
319ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame 1362 410 KB
410 KB 3312ms
759ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dgtc1.top/59.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.153.28 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame 1362 260 KB
260 KB 1601ms
315ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 1362 300 KB
301 KB 1919ms
314ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame 1362 201 KB
201 KB 1658ms
320ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame 1362 193 KB
193 KB 1315ms
294ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame 1362 560 KB
561 KB 64ms
38ms Image
image/gif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+84 c=19+422 v=2024.3.2 l=573906
date: Fri, 31 May 2024 09:37:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 88c5fc401bd75c80-FRA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame 1362 143 KB
143 KB 1735ms
313ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 1362 665 KB
666 KB 25ms
24ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame 1362 177 KB
177 KB 1315ms
293ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 1362 113 KB
113 KB 726ms
301ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),

Reverse DNS

204.119-136-45.rdns.scalabledns.com

Software

openresty /

Resource Hash

8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Strict-Transport-Security: max-age=31536000
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 1362 156 KB
156 KB 2014ms
293ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 1362 375 KB
376 KB 1702ms
319ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame 1362 230 KB
231 KB 34ms
22ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H2 200 kj.js Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame 1362 5 KB
2 KB 100ms
100ms Script
application/javascript 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/kj.js

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

cd7cb3ce458d2ca2be0afec55619cb1afbbbd2f3437452aa64e7d81207527dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 23 May 2024 14:23:08 GMT
server: nginx
etag: W/"664f514c-14d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 1362 842 KB
844 KB 33ms
7ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 17:24:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 1613576
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: SaTgf7Oqlicy8r9HVjRSRJWOqNbSHU3xAZHpBL0MxvxNE0XhgD71rA==
expires: Tue, 11 Jun 2024 17:24:31 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame 1362
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
557 KB

208ms
208ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame 1362 359 KB
359 KB 237ms
226ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240506/0f905071953f834c.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame 1362 248 KB
248 KB 236ms
225ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 1362 50 KB
50 KB 58ms
28ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125381
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Wed, 29 May 2024 22:47:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uBhme4X6IUEJJs5xS%2FSSsTpr13R3G%2F0c5X4Lo4Bcgvb%2FpKvOg2Bo8dTupkun2vqaXz7RmwG%2FMZ%2Bpofj3agsInJZFcJENpTEAmKgIXixaT6KFCES0QJ0f79Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e349b40-FRA
expires: Thu, 29 May 2025 22:47:46 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 1362 208 KB
208 KB 901ms
493ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.0.138.187 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H3

200

d1dd9b9aeb521df8.gif
img12.chkaja.com/files/20240419/ Frame 1362
Redirect Chain

https://img.chkaja.com/d1dd9b9aeb521df8.gif
https://img12.chkaja.com/files/20240419/d1dd9b9aeb521df8.gif

20 KB
20 KB

20ms
20ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240419/d1dd9b9aeb521df8.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f00188c3a03746fc0d727c969e034e9e8cfa4804c2c6e168a7471e677fe0134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3629914
alt-svc: h3=":443"; ma=86400
content-length: 19985
last-modified: Fri, 19 Apr 2024 08:59:44 GMT
server: cloudflare
etag: "66223280-4e11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KK2zPRNSgERWJEZNhOnHpeibURzY1A4%2BMc%2F6GTEeVbAC0dQDyqHzbS7zdv6B47x%2FJkz%2B19U9K2JV1X%2BlzIrDTKHWxPZEBiOoAByLoN5czI0vULIaiIvnkYch62vq%2BUsF6700"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc46d92e3664-FRA
priority: u=1,i
expires: Sat, 19 Apr 2025 09:18:54 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXcvCcAFlGEjrRvQpA2ZgteQf5IFlbgs5wVAH9Zkteq4uyYzs9HceOJxI80H9ZMrdbGZYomdR2JSrX1k61P6jD92%2BpJSmJ05prke3lr%2BfRLtmgKzuI6WdXSLbYR82tk%2FaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240419/d1dd9b9aeb521df8.gif
cf-ray: 88c5fc3ff8493664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 75070.gif
img.ooo-17.ltd/facaile/ Frame 1362 555 KB
555 KB 98ms
59ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-17.ltd/facaile/75070.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1281713
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9IyRLksqGFVidLljt3YUI4btT7QaDXrHiwUKvNn0gelhMMUuMhkJEvGhxfYmw9%2FljVSwKz42N2k2xwoXiKs%2Fh3hsOS%2BYDSPYCGA6LOTZBY%2BFuiinvQCk17lzBylfmFoUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc4039549bce-FRA
expires: Sat, 15 Jun 2024 11:13:32 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 1362 49 KB
49 KB 45ms
19ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1226591
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Fri, 17 May 2024 04:54:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vksrlM%2FIAu%2F7aXS45YEsflWErFdkdBKjTVQ4HdZOouCxuw%2FZ4nWGG3PALAustB87KIVsOuGkI2DoAGKu9Y6H94Xh9DWKXtUleTeyI2HsTOdzBYc2L5c1kdD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e379b40-FRA
expires: Sat, 17 May 2025 04:54:16 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 1362 452 KB
453 KB 31ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 10:04:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 689576
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: XVTTQbs1gnJ9RCt1eqve5cJD3uzG0Rsouj6t6aAXEbkfEDUxuSXqCA==
expires: Sat, 22 Jun 2024 10:04:31 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame 1362 247 KB
247 KB 163ms
162ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3

200

dfa5c2b123b097b1.gif
img12.chkaja.com/files/20240419/ Frame 1362
Redirect Chain

https://img.chkaja.com/dfa5c2b123b097b1.gif
https://img12.chkaja.com/files/20240419/dfa5c2b123b097b1.gif

20 KB
20 KB

19ms
19ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.chkaja.com/files/20240419/dfa5c2b123b097b1.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4fd1a97dd68cb6e5197f30d21582e3ae36ae1eb7bed4f6071e3b3ed86408439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3629913
alt-svc: h3=":443"; ma=86400
content-length: 20310
last-modified: Fri, 19 Apr 2024 09:00:27 GMT
server: cloudflare
etag: "662232ab-4f56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9EUr%2Fcgcj4PX1557QG4FiI0g3MSpjH9dbqlTf303moVwfvMHPdz66gSksRxvUyRmPNledNMQfNFrUDyWqSuG8Cfwb9e7z7MKWr8DJiUZnK%2FqGFW0vb5UJqj338qSOYYAsnTA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4729ab3664-FRA
priority: u=1,i
expires: Sat, 19 Apr 2025 09:18:54 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dISUtKEjsYIIhEdF86iiugmBq1bcA58g1dBmCtfyAI%2FgHa21j5z2HYgv79US8rBrfK1Zb5qeZVBE8XZYyhrfEiwIdGyC60QP7ViVLJbfHgvygkbwM%2BgN5W%2BeGa8w5xztqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240419/dfa5c2b123b097b1.gif
cf-ray: 88c5fc4068d03664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 /
images.weserv.nl/ Frame 1362 103 KB
104 KB 59ms
26ms Image
image/jpeg 104.21.234.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://tk2.xinchangcheng.net:4949/col/152/tbss.jpg

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce8cc5cbb028384881688fa0dabcba92d9d048662db546f9aacfb29a3c1ea37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-images-api: 5
date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64027
x-cache-status: EXPIRED
x-upstream-response-length: 119837
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400
content-length: 105795
last-modified: Thu, 30 May 2024 15:50:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xS4Ne1lj9navW2OOBCQmBP2Kzi8Qso16a%2BjylWLp64ZdO8SMLVKRxDiiPchtY2Ysfmo1PkAzggIKLQevYciZdHkwACRhJFE7Up5gN3Ut%2Ba8pomurIh94%2B1ImaD1CFJATsSNn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://tk2.xinchangcheng.net:4949/col/152/tbss.jpg>; rel="canonical"
cf-ray: 88c5fc40a8d1085a-FRA
expires: Fri, 30 May 2025 15:50:20 GMT

GET
H3 200 /
images.weserv.nl/ Frame 1362 132 KB
133 KB 37ms
19ms Image
image/jpeg 104.21.234.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://tk2.xinchangcheng.net:4949/col/152/d25.jpg

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc612f892472122ad31b7d67d40010ce7278d3ce1c11556ab7952a12a776741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-images-api: 5
date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69306
x-cache-status: MISS
x-upstream-response-length: 159244
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400
content-length: 135514
last-modified: Thu, 30 May 2024 14:22:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8vUPo63TpjzRerNJEic2wqZxq0IubxnOiVluVC59iCfpU%2Fu25f9nV2gtGvx6qyzvI10Bn9AWJJZkg5DivCO92NWVpxzmv5D11y4KgfVZJiKTRM3PgtjLoveZL8SLJfRpud6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://tk2.xinchangcheng.net:4949/col/152/d25.jpg>; rel="canonical"
cf-ray: 88c5fc40a8d2085a-FRA
expires: Fri, 30 May 2025 14:22:21 GMT

GET
H2 200 style.css
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame 1362 13 KB
3 KB 73ms
71ms Stylesheet
text/css 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/style.css

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/images/sty1e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

0e5657cc2ec3ecac3778320c237fddff1088d196dd598f11cef88d7af6ba9d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/images/sty1e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 07:37:04 GMT
server: nginx
etag: W/"63e9e8a0-33e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 31 May 2024 21:37:26 GMT

GET
H2 200 logoa.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame DD2B 10 KB
10 KB 85ms
85ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/logoa.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

52b8837323d9374394d291385c18083fd0cc772fe019fea172d2c3176d2ae1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/tb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Mar 2024 11:55:58 GMT
server: nginx
etag: "65facece-2869"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10345
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 014952.png
y5q-4s6.semerudiscovery.com/yjjy/images/ Frame DD2B 6 KB
6 KB 86ms
86ms Image
image/png 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/images/014952.png

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b3cda4d9143a2f218e20b900543a9f886f6b747a173b28a1f25f96cde0de016b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/tb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 May 2024 00:19:42 GMT
server: nginx
etag: "663eb99e-16a4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5796
expires: Sun, 30 Jun 2024 09:37:26 GMT

GET
H2 200 dbkj.html
ztwyqsgdh.dglietou.com/ambm/ Frame 6006 0
0 381ms
95ms Document
text/html 66.187.193.94
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/dbkj.html

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.94 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"63a70a62-af4"
expires: Sun, 30 Jun 2024 09:37:27 GMT
last-modified: Sat, 24 Dec 2022 14:19:14 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 02949.html
ztwyqsgdh.dglietou.com/ambm/ Frame 0160 0
0 287ms
96ms Document
text/html 66.187.193.94
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/02949.html

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/kj.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.94 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"65f9615a-13b8"
expires: Sun, 30 Jun 2024 09:37:27 GMT
last-modified: Tue, 19 Mar 2024 09:56:42 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame E6E1 10 KB
3 KB 32ms
31ms Document
text/html 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

1c60bab7ab755f653d7ae735436f0beaac5372dedd729534f005872657f2da58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"66588ccc-28b9"
last-modified: Thu, 30 May 2024 14:27:24 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame DCC5 10 KB
3 KB 73ms
42ms Document
text/html 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

1c60bab7ab755f653d7ae735436f0beaac5372dedd729534f005872657f2da58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"66588ccc-28b9"
last-modified: Thu, 30 May 2024 14:27:24 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame 620F 10 KB
3 KB 116ms
37ms Document
text/html 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

1c60bab7ab755f653d7ae735436f0beaac5372dedd729534f005872657f2da58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"66588ccc-28b9"
last-modified: Thu, 30 May 2024 14:27:24 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 sx.htm Show response
y5q-4s6.semerudiscovery.com/yjjy/ Frame 752B 24 KB
6 KB 31ms
31ms Document
text/html 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 09:37:27 GMT
etag: W/"65c74864-5ed3"
last-modified: Sat, 10 Feb 2024 09:56:52 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame E6E1 263 KB
0 1270ms
1270ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame E6E1 223 KB
0 156ms
156ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame E6E1 282 KB
0 92ms
28ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 699867
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BNXsLKbVRP%2Bt1bNKybiG6nmiVrSPCEByBHFND5DYfc1CC4bFsNMOZ41wV7L5ayzO1qQ4mT%2BU1HLHnq0cqZQYUjjkTNQ5c40PMTlq1RMJsM4301yI2T1hwZ%2FFZoFma3dp2pKAXFQHQOmJXydsAL1dsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc3f1b29bba7-FRA
expires: Sun, 16 Jun 2024 06:42:04 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame E6E1 182 KB
0 1233ms
1233ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame E6E1 260 KB
0 1398ms
1398ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame E6E1 201 KB
0 1454ms
1454ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame E6E1 439 KB
0 242ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 02:02:46 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 200081
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0SCF7FizEX_mO4RxlphpruY9TcLkQCA7dwiCh48Dah1EajnZquVKiQ==
expires: Fri, 28 Jun 2024 02:02:46 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame E6E1 842 KB
0 33ms
7ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 17:24:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 1613576
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: SaTgf7Oqlicy8r9HVjRSRJWOqNbSHU3xAZHpBL0MxvxNE0XhgD71rA==
expires: Tue, 11 Jun 2024 17:24:31 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame E6E1 300 KB
0 1716ms
1716ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame E6E1 452 KB
0 31ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 10:04:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 689576
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: XVTTQbs1gnJ9RCt1eqve5cJD3uzG0Rsouj6t6aAXEbkfEDUxuSXqCA==
expires: Sat, 22 Jun 2024 10:04:31 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame E6E1 143 KB
0 1532ms
1532ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame E6E1 219 KB
0 1361ms
1361ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame E6E1 638 KB
0 116ms
57ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d50464bd958dc1a78ce17291b39dbd05e4b105aed51ba1ab165bf7a000ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 06:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1384557
etag: "66430920-9f882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwCo%2FIty4OSPtf1nlnfKQaDGSuinzXZPxsw0z%2B58e%2BDMpMvFoCfybHLUhx4FxkGlouzb2RQFo3PHlTMiXdvPGIr0QRPDW9KVKT%2BEH5RV9EoozAQEQm0MDqrN%2Fl3Vy8ryqJ3JyZKF4iDChRjruabLSBjQWfqlFXwGMtnGv55QeK1L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dae3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jun 2024 07:56:16 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame E6E1 208 KB
0 698ms
698ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame E6E1 810 KB
0 83ms
23ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 794566
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7z4AvwQXNHJWIBCi74TIAnXfMZMNX0y8%2Bs9bmWibp3Z8PwnYmQJOshMntpAbWkeUgc9irQDNfhNvIEgTo1OlsOjZvx8pgW3gx%2FYl5u0JEUx3qf8LDTS6S0cXTlBGEkTjs5%2FIKWOPytXM%2BK2NA%2B1zb2Lt0Nb%2FN6wj9UE83HmX39M"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dac3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Jun 2024 22:05:22 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame E6E1 410 KB
0 3107ms
3107ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame E6E1 272 KB
0 1ms
1ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame E6E1 177 KB
0 1099ms
1099ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame E6E1 50 KB
0 58ms
28ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125381
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Wed, 29 May 2024 22:47:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uBhme4X6IUEJJs5xS%2FSSsTpr13R3G%2F0c5X4Lo4Bcgvb%2FpKvOg2Bo8dTupkun2vqaXz7RmwG%2FMZ%2Bpofj3agsInJZFcJENpTEAmKgIXixaT6KFCES0QJ0f79Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e349b40-FRA
expires: Thu, 29 May 2025 22:47:46 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame E6E1 665 KB
0 2ms
2ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame E6E1 375 KB
0 1484ms
1484ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame E6E1 193 KB
0 1100ms
1100ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame E6E1 113 KB
0 2ms
2ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame E6E1 49 KB
0 45ms
19ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1226591
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Fri, 17 May 2024 04:54:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vksrlM%2FIAu%2F7aXS45YEsflWErFdkdBKjTVQ4HdZOouCxuw%2FZ4nWGG3PALAustB87KIVsOuGkI2DoAGKu9Y6H94Xh9DWKXtUleTeyI2HsTOdzBYc2L5c1kdD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e379b40-FRA
expires: Sat, 17 May 2025 04:54:16 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame E6E1 156 KB
0 585ms
585ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H3 200 75070.gif
img.ooo-17.ltd/facaile/ Frame E6E1 555 KB
0 98ms
59ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-17.ltd/facaile/75070.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1281713
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9IyRLksqGFVidLljt3YUI4btT7QaDXrHiwUKvNn0gelhMMUuMhkJEvGhxfYmw9%2FljVSwKz42N2k2xwoXiKs%2Fh3hsOS%2BYDSPYCGA6LOTZBY%2BFuiinvQCk17lzBylfmFoUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc4039549bce-FRA
expires: Sat, 15 Jun 2024 11:13:32 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame E6E1 247 KB
0 38ms
38ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame E6E1 560 KB
0 64ms
38ms Image
image/gif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+84 c=19+422 v=2024.3.2 l=573906
date: Fri, 31 May 2024 09:37:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 88c5fc401bd75c80-FRA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame E6E1 230 KB
0 3ms
3ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame E6E1
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

22ms
22ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame E6E1 359 KB
0 36ms
36ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame E6E1 248 KB
0 36ms
36ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H2 200 long.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 843 B
1 KB 120ms
30ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/long.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:56 GMT
server: nginx
etag: "626cff00-34b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 843
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 tu.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 583 B
789 B 121ms
32ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/tu.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:01 GMT
server: nginx
etag: "626cff05-247"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 583
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 hu.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 729 B
935 B 91ms
33ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hu.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:54 GMT
server: nginx
etag: "626cfefe-2d9"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 729
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 niu.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 572 B
778 B 92ms
34ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/niu.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:58 GMT
server: nginx
etag: "626cff02-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 shu.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 526 B
732 B 93ms
36ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/shu.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:00 GMT
server: nginx
etag: "626cff04-20e"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 zhu.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 586 B
792 B 95ms
38ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/zhu.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:03 GMT
server: nginx
etag: "626cff07-24a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 586
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 gou.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 603 B
809 B 34ms
32ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/gou.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:52 GMT
server: nginx
etag: "626cfefc-25b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 603
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 ji.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 753 B
959 B 35ms
33ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ji.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:55 GMT
server: nginx
etag: "626cfeff-2f1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 753
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 hou.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 777 B
983 B 36ms
33ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hou.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:53 GMT
server: nginx
etag: "626cfefd-309"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 777
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 yang.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 641 B
847 B 38ms
35ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/yang.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:02 GMT
server: nginx
etag: "626cff06-281"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 641
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 ma.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 600 B
806 B 39ms
36ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ma.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:57 GMT
server: nginx
etag: "626cff01-258"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 600
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 she.gif
s1x3d.mexicorecreation.com/tp/ Frame 752B 572 B
778 B 39ms
37ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/she.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:59 GMT
server: nginx
etag: "626cff03-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame DCC5 263 KB
0 1265ms
1265ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame DCC5 223 KB
0 150ms
150ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame DCC5 282 KB
0 92ms
28ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 699867
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BNXsLKbVRP%2Bt1bNKybiG6nmiVrSPCEByBHFND5DYfc1CC4bFsNMOZ41wV7L5ayzO1qQ4mT%2BU1HLHnq0cqZQYUjjkTNQ5c40PMTlq1RMJsM4301yI2T1hwZ%2FFZoFma3dp2pKAXFQHQOmJXydsAL1dsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc3f1b29bba7-FRA
expires: Sun, 16 Jun 2024 06:42:04 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame DCC5 182 KB
0 1214ms
1214ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame DCC5 260 KB
0 1380ms
1380ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame DCC5 201 KB
0 1436ms
1436ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame DCC5 439 KB
0 242ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 02:02:46 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 200081
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0SCF7FizEX_mO4RxlphpruY9TcLkQCA7dwiCh48Dah1EajnZquVKiQ==
expires: Fri, 28 Jun 2024 02:02:46 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame DCC5 842 KB
0 33ms
7ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 17:24:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 1613576
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: SaTgf7Oqlicy8r9HVjRSRJWOqNbSHU3xAZHpBL0MxvxNE0XhgD71rA==
expires: Tue, 11 Jun 2024 17:24:31 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame DCC5 300 KB
0 1698ms
1698ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame DCC5 452 KB
0 31ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 10:04:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 689576
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: XVTTQbs1gnJ9RCt1eqve5cJD3uzG0Rsouj6t6aAXEbkfEDUxuSXqCA==
expires: Sat, 22 Jun 2024 10:04:31 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame DCC5 143 KB
0 1514ms
1514ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame DCC5 219 KB
0 1343ms
1343ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame DCC5 638 KB
0 116ms
57ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d50464bd958dc1a78ce17291b39dbd05e4b105aed51ba1ab165bf7a000ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 06:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1384557
etag: "66430920-9f882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwCo%2FIty4OSPtf1nlnfKQaDGSuinzXZPxsw0z%2B58e%2BDMpMvFoCfybHLUhx4FxkGlouzb2RQFo3PHlTMiXdvPGIr0QRPDW9KVKT%2BEH5RV9EoozAQEQm0MDqrN%2Fl3Vy8ryqJ3JyZKF4iDChRjruabLSBjQWfqlFXwGMtnGv55QeK1L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dae3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jun 2024 07:56:16 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame DCC5 208 KB
0 679ms
679ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame DCC5 810 KB
0 83ms
23ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 794566
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7z4AvwQXNHJWIBCi74TIAnXfMZMNX0y8%2Bs9bmWibp3Z8PwnYmQJOshMntpAbWkeUgc9irQDNfhNvIEgTo1OlsOjZvx8pgW3gx%2FYl5u0JEUx3qf8LDTS6S0cXTlBGEkTjs5%2FIKWOPytXM%2BK2NA%2B1zb2Lt0Nb%2FN6wj9UE83HmX39M"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dac3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Jun 2024 22:05:22 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame DCC5 410 KB
0 3088ms
3088ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame DCC5 272 KB
0 1ms
1ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame DCC5 177 KB
0 1001ms
1001ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame DCC5 50 KB
0 58ms
28ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125381
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Wed, 29 May 2024 22:47:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uBhme4X6IUEJJs5xS%2FSSsTpr13R3G%2F0c5X4Lo4Bcgvb%2FpKvOg2Bo8dTupkun2vqaXz7RmwG%2FMZ%2Bpofj3agsInJZFcJENpTEAmKgIXixaT6KFCES0QJ0f79Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e349b40-FRA
expires: Thu, 29 May 2025 22:47:46 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame DCC5 665 KB
0 2ms
2ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame DCC5 375 KB
0 1387ms
1387ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame DCC5 193 KB
0 1002ms
1002ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame DCC5 113 KB
0 1ms
1ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame DCC5 49 KB
0 45ms
19ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1226591
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Fri, 17 May 2024 04:54:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vksrlM%2FIAu%2F7aXS45YEsflWErFdkdBKjTVQ4HdZOouCxuw%2FZ4nWGG3PALAustB87KIVsOuGkI2DoAGKu9Y6H94Xh9DWKXtUleTeyI2HsTOdzBYc2L5c1kdD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e379b40-FRA
expires: Sat, 17 May 2025 04:54:16 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame DCC5 156 KB
0 585ms
585ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H3 200 75070.gif
img.ooo-17.ltd/facaile/ Frame DCC5 555 KB
0 98ms
59ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-17.ltd/facaile/75070.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1281713
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9IyRLksqGFVidLljt3YUI4btT7QaDXrHiwUKvNn0gelhMMUuMhkJEvGhxfYmw9%2FljVSwKz42N2k2xwoXiKs%2Fh3hsOS%2BYDSPYCGA6LOTZBY%2BFuiinvQCk17lzBylfmFoUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc4039549bce-FRA
expires: Sat, 15 Jun 2024 11:13:32 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame DCC5 247 KB
0 28ms
28ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame DCC5 560 KB
0 64ms
38ms Image
image/gif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+84 c=19+422 v=2024.3.2 l=573906
date: Fri, 31 May 2024 09:37:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 88c5fc401bd75c80-FRA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame DCC5 230 KB
0 3ms
3ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame DCC5
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

10ms
10ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame DCC5 359 KB
0 26ms
26ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame DCC5 248 KB
0 26ms
26ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame 620F 263 KB
0 1262ms
1262ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 620F 223 KB
0 162ms
162ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 620F 282 KB
0 92ms
28ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 699867
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BNXsLKbVRP%2Bt1bNKybiG6nmiVrSPCEByBHFND5DYfc1CC4bFsNMOZ41wV7L5ayzO1qQ4mT%2BU1HLHnq0cqZQYUjjkTNQ5c40PMTlq1RMJsM4301yI2T1hwZ%2FFZoFma3dp2pKAXFQHQOmJXydsAL1dsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc3f1b29bba7-FRA
expires: Sun, 16 Jun 2024 06:42:04 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame 620F 182 KB
0 1095ms
1095ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame 620F 260 KB
0 1260ms
1260ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame 620F 201 KB
0 1317ms
1317ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 620F 439 KB
0 242ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 02:02:46 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 200081
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0SCF7FizEX_mO4RxlphpruY9TcLkQCA7dwiCh48Dah1EajnZquVKiQ==
expires: Fri, 28 Jun 2024 02:02:46 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 620F 842 KB
0 33ms
7ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 17:24:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 1613576
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: SaTgf7Oqlicy8r9HVjRSRJWOqNbSHU3xAZHpBL0MxvxNE0XhgD71rA==
expires: Tue, 11 Jun 2024 17:24:31 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 620F 300 KB
0 1579ms
1579ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 620F 452 KB
0 31ms
8ms Image
image/gif 2600:9000:26da:4800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:4800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 10:04:31 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 689576
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: XVTTQbs1gnJ9RCt1eqve5cJD3uzG0Rsouj6t6aAXEbkfEDUxuSXqCA==
expires: Sat, 22 Jun 2024 10:04:31 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame 620F 143 KB
0 1394ms
1394ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame 620F 219 KB
0 1223ms
1223ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 620F 638 KB
0 116ms
57ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d50464bd958dc1a78ce17291b39dbd05e4b105aed51ba1ab165bf7a000ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 06:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1384557
etag: "66430920-9f882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwCo%2FIty4OSPtf1nlnfKQaDGSuinzXZPxsw0z%2B58e%2BDMpMvFoCfybHLUhx4FxkGlouzb2RQFo3PHlTMiXdvPGIr0QRPDW9KVKT%2BEH5RV9EoozAQEQm0MDqrN%2Fl3Vy8ryqJ3JyZKF4iDChRjruabLSBjQWfqlFXwGMtnGv55QeK1L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dae3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jun 2024 07:56:16 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 620F 208 KB
0 562ms
562ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 620F 810 KB
0 83ms
23ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 794566
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7z4AvwQXNHJWIBCi74TIAnXfMZMNX0y8%2Bs9bmWibp3Z8PwnYmQJOshMntpAbWkeUgc9irQDNfhNvIEgTo1OlsOjZvx8pgW3gx%2FYl5u0JEUx3qf8LDTS6S0cXTlBGEkTjs5%2FIKWOPytXM%2BK2NA%2B1zb2Lt0Nb%2FN6wj9UE83HmX39M"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3f0dac3617-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 02 Jun 2024 22:05:22 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame 620F 410 KB
0 2968ms
2968ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 620F 272 KB
0 16ms
16ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame 620F 177 KB
0 919ms
919ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 620F 50 KB
0 58ms
28ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125381
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Wed, 29 May 2024 22:47:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uBhme4X6IUEJJs5xS%2FSSsTpr13R3G%2F0c5X4Lo4Bcgvb%2FpKvOg2Bo8dTupkun2vqaXz7RmwG%2FMZ%2Bpofj3agsInJZFcJENpTEAmKgIXixaT6KFCES0QJ0f79Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e349b40-FRA
expires: Thu, 29 May 2025 22:47:46 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 620F 665 KB
0 17ms
17ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 620F 375 KB
0 1305ms
1305ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame 620F 193 KB
0 920ms
920ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 620F 113 KB
0 0ms
0ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 620F 49 KB
0 45ms
19ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1226591
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Fri, 17 May 2024 04:54:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vksrlM%2FIAu%2F7aXS45YEsflWErFdkdBKjTVQ4HdZOouCxuw%2FZ4nWGG3PALAustB87KIVsOuGkI2DoAGKu9Y6H94Xh9DWKXtUleTeyI2HsTOdzBYc2L5c1kdD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc402e379b40-FRA
expires: Sat, 17 May 2025 04:54:16 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 620F 156 KB
0 585ms
585ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H3 200 75070.gif
img.ooo-17.ltd/facaile/ Frame 620F 555 KB
0 98ms
59ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-17.ltd/facaile/75070.gif

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1281713
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9IyRLksqGFVidLljt3YUI4btT7QaDXrHiwUKvNn0gelhMMUuMhkJEvGhxfYmw9%2FljVSwKz42N2k2xwoXiKs%2Fh3hsOS%2BYDSPYCGA6LOTZBY%2BFuiinvQCk17lzBylfmFoUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 88c5fc4039549bce-FRA
expires: Sat, 15 Jun 2024 11:13:32 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame 620F 247 KB
0 17ms
17ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame 620F 560 KB
0 64ms
38ms Image
image/gif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+84 c=19+422 v=2024.3.2 l=573906
date: Fri, 31 May 2024 09:37:27 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 88c5fc401bd75c80-FRA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame 620F 230 KB
0 18ms
18ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame 620F
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

1ms
1ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame 620F 359 KB
0 18ms
18ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame 620F 248 KB
0 19ms
19ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame E6E1 263 KB
0 1242ms
1242ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame E6E1 300 KB
0 225ms
225ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame E6E1 182 KB
0 3ms
3ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame E6E1 410 KB
0 1447ms
1447ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame E6E1 375 KB
0 2ms
2ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame E6E1 156 KB
0 1692ms
1692ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame E6E1 223 KB
0 1ms
1ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame E6E1 260 KB
0 2ms
2ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame E6E1 201 KB
0 4ms
4ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame E6E1 143 KB
0 9ms
9ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame E6E1 219 KB
0 10ms
10ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame E6E1 208 KB
0 12ms
12ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame E6E1 272 KB
0 3ms
3ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame E6E1 177 KB
0 5ms
5ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame E6E1 665 KB
0 5ms
5ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame E6E1 193 KB
0 4ms
3ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame E6E1 113 KB
0 4ms
4ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame E6E1 247 KB
0 39ms
39ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame E6E1 230 KB
0 5ms
5ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame E6E1
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

25ms
25ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame E6E1 359 KB
0 37ms
37ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame E6E1 248 KB
0 34ms
34ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame DCC5 263 KB
0 1143ms
1143ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame DCC5 300 KB
0 225ms
225ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame DCC5 182 KB
0 5ms
5ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame DCC5 410 KB
0 1447ms
1447ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame DCC5 375 KB
0 1ms
1ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame DCC5 156 KB
0 1693ms
1693ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame DCC5 223 KB
0 143ms
143ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame DCC5 260 KB
0 1ms
1ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame DCC5 201 KB
0 1ms
1ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame DCC5 143 KB
0 5ms
5ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame DCC5 219 KB
0 6ms
6ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame DCC5 208 KB
0 7ms
7ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame DCC5 272 KB
0 2ms
2ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame DCC5 177 KB
0 6ms
5ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame DCC5 665 KB
0 1ms
1ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame DCC5 193 KB
0 4ms
4ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame DCC5 113 KB
0 2ms
2ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame DCC5 247 KB
0 27ms
27ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3 200 d91749288e0a9242.gif
img12.chkaja.com/files/20240506/ Frame DCC5 230 KB
0 2ms
2ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/d91749288e0a9242.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 235778
last-modified: Mon, 06 May 2024 06:42:53 GMT
server: cloudflare
etag: "66387bed-39902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2FN5OFkimBZqyB5wRnIkP%2BPAI22kuPQ7HhOEMlD6P%2F8nwBPISTo1TJ%2FH6IYLErg%2B45uBgLCc9YkXrdiaU0ngN2k1KxzG%2B5NSHoolFWMPASAla%2BQITyG1uPJsNxsStfD8XN0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085c3664-FRA
priority: u=1,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame DCC5
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

13ms
13ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame DCC5 359 KB
0 26ms
26ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame DCC5 248 KB
0 25ms
25ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H/1.1 200
OK 712x45.gif
2231tc.com/tp/ Frame 620F 263 KB
0 1061ms
1061ms Image
image/gif 38.34.183.209
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2231tc.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.209 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 209.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 03 Apr 2024 07:18:49 GMT
Server: openresty
ETag: "660d02d9-41d52"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 269650
Expires: Tue, 04 Jun 2024 08:36:49 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 620F 300 KB
0 226ms
226ms Image
image/gif 198.2.211.80
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.80 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 28 May 2024 12:53:01 GMT

GET
H/1.1 200
OK 712x45.gif
cai75tp.com/tp/ Frame 620F 182 KB
0 1ms
1ms Image
image/gif 142.4.125.77
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cai75tp.com/tp/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.125.77 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 22 May 2024 11:35:33 GMT
Server: openresty
ETag: "664dd885-2d8b7"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 186551
Expires: Fri, 21 Jun 2024 13:31:31 GMT

GET
H/1.1 200
OK 59.gif
dgtc1.top/ Frame 620F 410 KB
0 1448ms
1448ms Image
image/gif 156.251.153.28
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgtc1.top/59.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Fri, 31 May 2024 09:37:29 GMT
Last-Modified: Sun, 19 May 2024 10:18:07 GMT
Server: nginx/onex
ETag: "6649d1df-66840"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 419904
Expires: Tue, 25 Jun 2024 10:26:30 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 620F 375 KB
0 0ms
0ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 384496
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 620F 156 KB
0 1553ms
1553ms Image
image/gif 38.34.183.198
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.34.183.198 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 198.183-34-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 159679
Expires: Sun, 09 Jun 2024 09:01:04 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 620F 223 KB
0 30ms
30ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjkbv034cbdft6qwd.com/0343.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.204.238.227 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H/1.1 200
OK 7bw50-1.gif
tp.8122778899.com/ Frame 620F 260 KB
0 0ms
0ms Image
image/gif 142.4.105.27
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.8122778899.com:8122/7bw50-1.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.105.27 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Mon, 27 May 2024 10:09:42 GMT
Server: openresty
ETag: "66545be6-4107f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 266367
Expires: Wed, 26 Jun 2024 11:51:20 GMT

GET
H/1.1 200
OK 750-50.gif
tp.7859778899.com/ Frame 620F 201 KB
0 8ms
8ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.7859778899.com:7859/750-50.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 04:54:54 GMT
Server: openresty
ETag: "6656b51e-32209"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 205321
Expires: Fri, 28 Jun 2024 05:15:08 GMT

GET
H/1.1 200
OK 712x45.gif
9216tp1.com/7780/ Frame 620F 143 KB
0 1ms
1ms Image
image/gif 137.175.77.135
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp1.com/7780/712x45.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.77.135 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Thu, 30 May 2024 06:18:17 GMT
Server: openresty
ETag: "66581a29-23c37"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 146487
Expires: Sat, 29 Jun 2024 12:53:58 GMT

GET
H/1.1 200
OK 960x60.gif
9323tpdy.com/tp/ Frame 620F 219 KB
0 2ms
2ms Image
image/gif 199.188.104.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tpdy.com/tp/960x60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.188.104.100 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 7-darossaurca.com
Software: openresty /
Resource Hash: f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Wed, 29 May 2024 11:24:47 GMT
Server: openresty
ETag: "6657107f-36bc0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 224192
Expires: Fri, 28 Jun 2024 11:48:06 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 620F 208 KB
0 3ms
3ms Image
image/gif 142.0.138.187
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tutu.facaiimage.com/lhgg.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.0.138.187 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
last-modified: Mon, 08 Apr 2024 11:03:00 GMT
server: nginx
etag: "6613cee4-33f25"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 212773
expires: Sun, 30 Jun 2024 09:37:27 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 620F 272 KB
0 18ms
18ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5214894
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xig4EhMYL5IftjqjoJL0HDrw4n6kC%2FuT4kb660Xv%2Bg6l8xZ%2FK3x22yvWlCgWj2%2FB7DygZwRtFuYIaDeqnirkxNOclssjER7uigK5jwOglEBDueS%2FGcBwlm470s2z6KlkM1Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc3f4c3035ea-FRA
priority: u=3,i
expires: Tue, 01 Apr 2025 01:02:32 GMT

GET
H/1.1 200
OK 960x601.gif
8208tp.com/tp/ Frame 620F 177 KB
0 7ms
7ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/960x601.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 181320
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 620F 665 KB
0 19ms
19ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779248
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTARbe5pqXtH3aqEetPtWTF9zIOZKAHtJOjBWTmnStL5ktGG7XnYkDqN56SLBfCiwlbV4wl9K3xi8PVddjMLSaEhqJeSQ333Hn3SIM1KmCbTbY7%2FOYCm%2BkTNzmLRh2mmU5KomZXIkiq8ELOzRGnriwBB54jK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 88c5fc3ff8e32bb2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 19:44:40 GMT

GET
H/1.1 200
OK 8yustaoza.gif
8208tp.com/tp/ Frame 620F 193 KB
0 2ms
2ms Image
image/gif 45.136.119.81
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8208tp.com/tp/8yustaoza.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.81 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 81.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:28 GMT
Via: mycdn
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 197728
Expires: Sun, 16 Jun 2024 07:49:55 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 620F 113 KB
0 4ms
4ms Image
image/gif 45.136.119.204
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8932888tp.com/tp/bht60.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.136.119.204 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 204.119-136-45.rdns.scalabledns.com
Software: openresty /
Resource Hash: 8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 09:37:27 GMT
Via: mycdn
Last-Modified: Fri, 12 Apr 2024 07:06:07 GMT
Server: openresty
ETag: "6618dd5f-1c3bd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 115645
Expires: Sun, 30 Jun 2024 06:34:39 GMT

GET
H3 200 ecfb1b5f92eda01d.gif
img12.chkaja.com/files/20240515/ Frame 620F 247 KB
0 19ms
19ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240515/ecfb1b5f92eda01d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 707594
alt-svc: h3=":443"; ma=86400
content-length: 252753
last-modified: Wed, 15 May 2024 10:21:44 GMT
server: cloudflare
etag: "66448cb8-3db51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtjzDbhcH84PIEVFMTFi%2FQogzZxlBZhf8TWKmt%2BOE6p4lVRsKybv5Ks1VihyDljIzITg0rOPfvqhR94iT5BpFgR9DAy2bBIhS%2B6SIrgkPrKPxmSkOLyuhZCUIVwBMZ7tJ1%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4068cc3664-FRA
priority: u=3,i
expires: Fri, 23 May 2025 05:04:13 GMT

GET
H3

200

2294fd311d5ec49d.gif
img12.chkaja.com/files/20240516/ Frame 620F
Redirect Chain

https://img.chkaja.com/2294fd311d5ec49d.gif
https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif

556 KB
0

1ms
1ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://y5q-4s6.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284510
alt-svc: h3=":443"; ma=86400
content-length: 569582
last-modified: Thu, 16 May 2024 11:35:46 GMT
server: cloudflare
etag: "6645ef92-8b0ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGfqbkLlXMoeLVPWhiqAgHylPs%2BMh%2BOXG1I%2FoxbU3vZ%2FuoQ7xem76AScLR%2B58AeAfDBBReKBQq9qhuxZV1cBibBycASuJX8lUhRC6ayzpZYHJTRprGZcJFzH6%2FKPGom4EQ9P"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc4028763664-FRA
priority: u=3,i
expires: Fri, 16 May 2025 12:48:57 GMT

Redirect headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SweIFXVMbGuPAGbCOVfgPepJKkVg9TFwv%2BsTlZlnkl%2BuZpQhE7AjlKeM5upKHJIeXhpsyb9Egp2IQFULSPacvbVYd7PAjTMCjcxV8Wn3MrDnCPl1qSIeYUyy3R6kJcfAhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img12.chkaja.com/files/20240516/2294fd311d5ec49d.gif
cf-ray: 88c5fc3ff8463664-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 0f905071953f834c.gif
img12.chkaja.com/files/20240506/ Frame 620F 359 KB
0 22ms
22ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240506/0f905071953f834c.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165555
alt-svc: h3=":443"; ma=86400
content-length: 367120
last-modified: Mon, 06 May 2024 06:42:10 GMT
server: cloudflare
etag: "66387bc2-59a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmAiNAusnELTwMv1iu2vcY9eUBCqt%2FJjP00osm8oVA4xDXLUBMqI%2FnxLKphigpWB4l45z27GIIau8xv38CSAXkYcE0Z6V5XgFdqTWI0jHYjK9yyP7nhLtdbI5foZIor0Fb36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085e3664-FRA
priority: u=3,i
expires: Tue, 06 May 2025 08:04:51 GMT

GET
H3 200 36c34c1e4ebef035.gif
img12.chkaja.com/files/20240512/ Frame 620F 248 KB
0 23ms
23ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img12.chkaja.com/files/20240512/36c34c1e4ebef035.gif
Requested by: Host: y5q-4s6.semerudiscovery.com
URL: https://y5q-4s6.semerudiscovery.com/yjjy/bc.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1642954
alt-svc: h3=":443"; ma=86400
content-length: 253758
last-modified: Sun, 12 May 2024 08:16:01 GMT
server: cloudflare
etag: "66407ac1-3df3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W39IZKTqUmC2EISWWx1ADYXEWvUfSJTNGWqwfOI72lEWyd2AEOWObEe%2BUtIOF0ft4Jx58pymiAd%2FjcxhR8%2BcOfQ0itlyMm%2FF6b5jFoq996ECOuMAakFcmHW1w%2FpPRnbNY%2F%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c5fc40085f3664-FRA
priority: u=3,i
expires: Mon, 12 May 2025 09:14:53 GMT

GET
H2 200 qrcode.min.js Show response
cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/ 19 KB
8 KB 851ms
348ms Script
text/javascript 2606:4700:3110::6812:3638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js
Requested by: Host: x01-49z.discount-micro.com
URL: https://x01-49z.discount-micro.com:2053/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 09:37:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 88c5fc48ccf5c287-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires: 0

GET
H2 200 favicon.ico
y5q-4s6.semerudiscovery.com/ 4 KB
4 KB 30ms
30ms Other
image/x-icon 46.253.7.156
SEVENDC

General

Check archive.org

Show headers Download Go to

Full URL

https://y5q-4s6.semerudiscovery.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.7.156 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

15ef4efb4ab43fa39fda5ad4a1b44381278da9d3cced7652fef6520e37535d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://y5q-4s6.semerudiscovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 09:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Nov 2021 15:07:54 GMT
server: nginx
etag: "618d31ca-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 06:35:08	Name: HMACCOUNT_BFESS Value: BE0212AE868359CA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://x01-49z.discount-micro.com:2053/app.js(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://x01-49z.discount-micro.com:2053/app.js(Line 45) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://y5q-4s6.semerudiscovery.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://y5q-4s6.semerudiscovery.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1325tp.com
2231tc.com
6399tp.com
8208tp.com
9216tp1.com
9323tpdy.com
c8932888tp.com
cai75tp.com
cdn.bootcdn.net
dgtc1.top
imagedelivery.net
images.weserv.nl
img.chkaja.com
img.ooo-17.ltd
img10.chkaja.com
img11.chkaja.com
img12.chkaja.com
pjkbv034cbdft6qwd.com
pppmmm.tututufafafa.com
s1x3d.mexicorecreation.com
tong--ji.discount-micro.com
tp.7859778899.com
tp.8122778899.com
tupain2.baitu4lliltvmwelqubyqm.com
tutu.facaiimage.com
www.3400tupian.com
www.9129666tp.com
x01-49z.discount-micro.com
y5q-4s6.semerudiscovery.com
z4a.net
ztwyqsgdh.dglietou.com
104.18.3.36
104.21.234.186
104.21.234.235
104.21.235.37
104.21.235.38
134.195.197.167
134.195.197.62
137.175.77.135
137.175.92.58
142.0.138.187
142.4.105.27
142.4.125.77
156.251.153.28
188.114.96.3
188.114.97.3
198.2.211.136
198.2.211.80
198.204.238.227
199.188.104.100
2600:9000:26da:4800:14:1855:3780:93a1
2606:4700:3036::6815:30b3
2606:4700:3110::6812:3638
2a06:98c1:3121::3
38.34.183.198
38.34.183.209
45.136.119.204
45.136.119.81
46.253.6.155
46.253.7.156
66.187.193.94
079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f
0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74
0dc612f892472122ad31b7d67d40010ce7278d3ce1c11556ab7952a12a776741
0deac220e0d6bd1cc4e5bb5a035958491a9467499b1a093480b1207a26950e49
0e5657cc2ec3ecac3778320c237fddff1088d196dd598f11cef88d7af6ba9d02
0f00188c3a03746fc0d727c969e034e9e8cfa4804c2c6e168a7471e677fe0134
0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe
1104e712e03efa5a2d26d91c4a5e9c4520565ab74502e2cec9f8bb95331907c1
14bb9e4a3853a947ad6c5dea51a9876ec111e802f89856d2ee3c4d3c5d2a7358
15ef4efb4ab43fa39fda5ad4a1b44381278da9d3cced7652fef6520e37535d88
1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df
1c0ba84bc905441a32009cc3e96ca10c87be041e0df6728d14bcd9d9b15c3379
1c60bab7ab755f653d7ae735436f0beaac5372dedd729534f005872657f2da58
273e9615acdf6807ffebab2005319a5657a9ea8f779dda6fb440e85113d9a055
2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a
3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca
375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd
379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66
3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e
3e6efe0815c9ea5b4502dd6c714ad9b2d6a191c7ca9b6bb15da50201f744edaf
4bfb1722a6a8b3dbb06098c521a99934bcd3c2e6dd65ac68ab040bf9e249a7ed
4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186
52b8837323d9374394d291385c18083fd0cc772fe019fea172d2c3176d2ae1fd
5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671
57ff8cfb8e7f4d360a6f7f514b9cb72f9efe05b3ed4f13a7727b6b1977abccd7
5ae9d1a925e5ff73ccb4ddd1e1347d00e065d1efe76942e6820e6213dc761c5c
5e6b38a0bcf535c14eccaf0f089d860ab7782adf47e1e528a06c6d9a2d9961b6
66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e
6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3
6832d957fd2f331dc3386c51a70abe30b9997811ad77510adf7d37443b0378fb
6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11
6cd8f1af5a0fbf8ad900df3c173f1738929b115a84245b71c945f193d298df2f
7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125
789fecee97496327e0a92bba6935a848b6b48abbe5b60296d7de8a5aa0bddc73
7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f
7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5
810363e87aad16acb5b7c1bdeb3b1492759096af3e4c8bff6303d8b9780e9e25
823ad4f78bac13f688cb162b2b627bd34418d816c72505e0f3395a73bdf2c419
8af87361004935ef41bc109093136833973d05d11065623ae551c528c5080332
9f47cb14e759d2e75e90c421e6f382626c3978cc676b5ec9ff792ae7d09e331a
a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9
a3f5da2f37d48bde32193047c322a054d8fae13e0388c97aa8a76c2a88e82d1a
a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef
ab02698820a9b474d1dda26aa8ed7ea10db4f22f980ea62fadce06378f3f3b2e
ac6c8e183655f03d1d84dd44f95ed1edb42197d01a8caa0b6e1a339504da3e2f
ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a
b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8
b38088991f596027f307e2a5041806cb1df9c991a41d3012bb7ec9d1d9ba84ff
b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae
b3cda4d9143a2f218e20b900543a9f886f6b747a173b28a1f25f96cde0de016b
b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d
b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409
b74753e038b1e7455a308bc79112beb7615f6b853ae5ffb6bf88e92b81ccc997
b7efb321f18d47784d0acc92b8b29c7f5444f18874f9d28c4fde985f9d488d7a
bce8cc5cbb028384881688fa0dabcba92d9d048662db546f9aacfb29a3c1ea37
c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1
c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
cd7cb3ce458d2ca2be0afec55619cb1afbbbd2f3437452aa64e7d81207527dcd
d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f
d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6
d66718b90e0e8cebed28b7e9cd4c708b88caaf98e34f9be14fd92b4ab9f36b42
d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5
d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558
d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547
daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2
dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd
dce826e006580a87880617fa0f71161975fcc4d5a9839c868e11613fd5820fc7
e020ff48023453813f68be22a9af6168bb65d582abf2d9f10af29f6c386f4512
e1ba4eac9df9e93b52b44220699d05f4f099f856f33255483ef6ad6d0b0d5743
e4cc67588b583296adfce78f7999d1395eff290ecf1125a76bcab7f09ada2065
e4fd1a97dd68cb6e5197f30d21582e3ae36ae1eb7bed4f6071e3b3ed86408439
f0a656c454dbf21a9324b8dc1fa67296dc7ecc76fe340d4a4e76ad98310e39e1
f1d50464bd958dc1a78ce17291b39dbd05e4b105aed51ba1ab165bf7a000ffa5
f7050848032079339fc54cf1cb0b7f29e94dceccba050bdf0a8fec314554c66f
faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

y5q-4s6.semerudiscovery.com Open in urlscan Pro 46.253.7.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

242 Requests

86 %HTTPS

13 %IPv6

27 Domains

31 Subdomains

30 IPs

5 Countries

11328 kBTransfer

61320 kBSize

1 Cookies

1 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

y5q-4s6.semerudiscovery.com Open in urlscan Pro
46.253.7.156 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

86 %
HTTPS

13 %
IPv6

27
Domains

31
Subdomains

30
IPs

5
Countries

11328 kB
Transfer

61320 kB
Size

1
Cookies

242 HTTP transactions
0 data transactions