z54y-6yqs.semerudiscovery.com Open in urlscan Pro
66.187.193.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://z54y-6yqs.semerudiscovery.com/
Submission: On April 01 via api (April 1st 2024, 9:04:13 am UTC) from US — Scanned from US

Summary HTTP 257 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 28 domains to perform 257 HTTP transactions. The main IP is 66.187.193.68, located in Montreal, Canada and belongs to HIVE-DATA-CENTER, CA. The main domain is z54y-6yqs.semerudiscovery.com.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.

This is the only time z54y-6yqs.semerudiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 24	66.187.193.68 66.187.193.68	33185 (HIVE-DATA...) (HIVE-DATA-CENTER)
1	134.195.197.167 134.195.197.167	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1	134.195.197.62 134.195.197.62	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
6	104.21.235.38 104.21.235.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.187.192.172 66.187.192.172	33185 (HIVE-DATA...) (HIVE-DATA-CENTER)
2 10	104.21.235.37 104.21.235.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.74.227.226 192.74.227.226	54600 (PEG-SV) (PEG-SV)
21	2600:9000:220... 2600:9000:2209:d800:14:1855:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
21	172.67.156.5 172.67.156.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	198.204.238.227 198.204.238.227	33387 (NOCIX) (NOCIX)
6	172.67.155.86 172.67.155.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	192.74.232.140 192.74.232.140	54600 (PEG-SV) (PEG-SV)
7	198.2.204.100 198.2.204.100	54600 (PEG-SV) (PEG-SV)
7	149.104.32.243 149.104.32.243	40065 (CNSERVERS) (CNSERVERS)
7	107.148.194.12 107.148.194.12	54600 (PEG-SV) (PEG-SV)
8	38.145.218.136 38.145.218.136	18978 (ENZUINC-) (ENZUINC-)
7	142.4.127.78 142.4.127.78	54600 (PEG-SV) (PEG-SV)
14	198.2.195.83 198.2.195.83	54600 (PEG-SV) (PEG-SV)
7	104.18.2.36 104.18.2.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	107.148.195.241 107.148.195.241	54600 (PEG-SV) (PEG-SV)
7	137.175.69.133 137.175.69.133	54600 (PEG-SV) (PEG-SV)
7	198.2.209.177 198.2.209.177	54600 (PEG-SV) (PEG-SV)
7	192.74.245.123 192.74.245.123	54600 (PEG-SV) (PEG-SV)
2	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	199.180.100.129 199.180.100.129	54600 (PEG-SV) (PEG-SV)
7	172.67.178.87 172.67.178.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.67.199.210 172.67.199.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.234.187 104.21.234.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.21.234.235 104.21.234.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	46.253.6.155 46.253.6.155	216145 (SEVENDC) (SEVENDC)
257	31

24 66.187.193.68 (Montreal, Canada) 2 redirects

ASN33185 (HIVE-DATA-CENTER, CA)

z54y-6yqs.semerudiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.195.197.167 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 167-197-195-134.clients.gthost.com

x01-49z.discount-micro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.195.197.62 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 62-197-195-134.clients.gthost.com

tong--ji.discount-micro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.235.38 (None, )

ASN13335 (CLOUDFLARENET, US)

img10.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.187.192.172 (Montreal, Canada)

ASN33185 (HIVE-DATA-CENTER, CA)
PTR: ip.172.192.187.66.hivedatacenter.com

ztwyqsgdh.dglietou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.21.235.37 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

img.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img11.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.74.227.226 (United States)

ASN54600 (PEG-SV, US)

9831tc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2209:d800:14:1855:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

pppmmm.tututufafafa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.67.156.5 (United States)

ASN13335 (CLOUDFLARENET, US)

tupain2.baitu4lliltvmwelqubyqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.204.238.227 (United States)

ASN33387 (NOCIX, US)

pjkbv034cbdft6qwd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.155.86 (United States)

ASN13335 (CLOUDFLARENET, US)

www.3400tupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.74.232.140 (United States)

ASN54600 (PEG-SV, US)

9323tp.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.2.204.100 (United States)

ASN54600 (PEG-SV, US)

c7575tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 149.104.32.243 (United States)

ASN40065 (CNSERVERS, US)

www.gggttt888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.148.194.12 (United States)

ASN54600 (PEG-SV, US)

www.8122888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 38.145.218.136 (Chicago, United States)

ASN18978 (ENZUINC-, US)
PTR: 136.218-145-38.rdns.scalabledns.com

6399tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.4.127.78 (United States)

ASN54600 (PEG-SV, US)

www.7859888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 198.2.195.83 (United States)

ASN54600 (PEG-SV, US)

5698tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.2.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.148.195.241 (United States)

ASN54600 (PEG-SV, US)

9216tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 137.175.69.133 (United States)

ASN54600 (PEG-SV, US)

c8932888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.2.209.177 (United States)

ASN54600 (PEG-SV, US)

www.9129666tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.74.245.123 (United States)

ASN54600 (PEG-SV, US)

1325tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.180.100.129 (United States)

ASN54600 (PEG-SV, US)

tutu.facaiimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.178.87 (United States)

ASN13335 (CLOUDFLARENET, US)

img.ooo-09.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.199.210 (United States)

ASN13335 (CLOUDFLARENET, US)

v.tu05v46466.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.187 (None, )

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.21.234.235 (None, )

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.253.6.155 (Bulgaria)

ASN216145 (SEVENDC, BG)

s1x3d.mexicorecreation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	semerudiscovery.com 2 redirects z54y-6yqs.semerudiscovery.com	145 KB
21	baitu4lliltvmwelqubyqm.com tupain2.baitu4lliltvmwelqubyqm.com	15 MB
21	tututufafafa.com pppmmm.tututufafafa.com — Cisco Umbrella Rank: 826377	12 MB
16	chkaja.com 2 redirects img10.chkaja.com — Cisco Umbrella Rank: 932399 img.chkaja.com — Cisco Umbrella Rank: 527721 img11.chkaja.com — Cisco Umbrella Rank: 610547	2 MB
14	z4a.net z4a.net — Cisco Umbrella Rank: 538186	695 KB
14	5698tp.com 5698tp.com	3 MB
12	mexicorecreation.com s1x3d.mexicorecreation.com	10 KB
8	6399tp.com 6399tp.com	2 MB
8	9831tc.com 9831tc.com	2 MB
7	tu05v46466.ltd v.tu05v46466.ltd	2 MB
7	ooo-09.ltd img.ooo-09.ltd	4 MB
7	1325tp.com 1325tp.com	1 MB
7	9129666tp.com www.9129666tp.com	3 MB
7	c8932888tp.com c8932888tp.com	3 MB
7	9216tp.com 9216tp.com	2 MB
7	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 20137	4 MB
7	7859888tp.com www.7859888tp.com	1 MB
7	8122888tp.com www.8122888tp.com	1 MB
7	gggttt888.com www.gggttt888.com	2 MB
7	c7575tp.com c7575tp.com	1 MB
7	9323tp.cc 9323tp.cc	1 MB
7	pjkbv034cbdft6qwd.com pjkbv034cbdft6qwd.com	2 MB
6	facaiimage.com tutu.facaiimage.com	102 KB
6	3400tupian.com www.3400tupian.com	2 MB
2	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 100620	207 KB
2	dglietou.com ztwyqsgdh.dglietou.com
2	discount-micro.com x01-49z.discount-micro.com tong--ji.discount-micro.com	4 KB
0	aliyuncs.com Failed oss118.oss-accelerate.aliyuncs.com Failed
257	28

	Domain	Requested by
24	z54y-6yqs.semerudiscovery.com	2 redirects z54y-6yqs.semerudiscovery.com
21	tupain2.baitu4lliltvmwelqubyqm.com	z54y-6yqs.semerudiscovery.com
21	pppmmm.tututufafafa.com	z54y-6yqs.semerudiscovery.com
14	z4a.net	z54y-6yqs.semerudiscovery.com
14	5698tp.com	z54y-6yqs.semerudiscovery.com
12	s1x3d.mexicorecreation.com	z54y-6yqs.semerudiscovery.com
8	6399tp.com	z54y-6yqs.semerudiscovery.com
8	9831tc.com	z54y-6yqs.semerudiscovery.com
8	img11.chkaja.com	z54y-6yqs.semerudiscovery.com
7	v.tu05v46466.ltd	z54y-6yqs.semerudiscovery.com
7	img.ooo-09.ltd	z54y-6yqs.semerudiscovery.com
7	1325tp.com	z54y-6yqs.semerudiscovery.com
7	www.9129666tp.com	z54y-6yqs.semerudiscovery.com
7	c8932888tp.com	z54y-6yqs.semerudiscovery.com
7	9216tp.com	z54y-6yqs.semerudiscovery.com
7	imagedelivery.net	z54y-6yqs.semerudiscovery.com
7	www.7859888tp.com	z54y-6yqs.semerudiscovery.com
7	www.8122888tp.com	z54y-6yqs.semerudiscovery.com
7	www.gggttt888.com	z54y-6yqs.semerudiscovery.com
7	c7575tp.com	z54y-6yqs.semerudiscovery.com
7	9323tp.cc	z54y-6yqs.semerudiscovery.com
7	pjkbv034cbdft6qwd.com	z54y-6yqs.semerudiscovery.com
6	tutu.facaiimage.com	z54y-6yqs.semerudiscovery.com
6	www.3400tupian.com	z54y-6yqs.semerudiscovery.com
6	img10.chkaja.com	z54y-6yqs.semerudiscovery.com
2	images.weserv.nl	z54y-6yqs.semerudiscovery.com
2	img.chkaja.com	2 redirects
2	ztwyqsgdh.dglietou.com	z54y-6yqs.semerudiscovery.com
1	tong--ji.discount-micro.com	z54y-6yqs.semerudiscovery.com
1	x01-49z.discount-micro.com	z54y-6yqs.semerudiscovery.com
0	oss118.oss-accelerate.aliyuncs.com Failed	z54y-6yqs.semerudiscovery.com
257	31

This site contains links to these domains. Also see Links.

Domain
vo9xia.zai.castingwheels.com

Subject Issuer	Validity	Valid
029gdh.wjburley.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
x01-49z.discount-micro.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
tong--ji.discount-micro.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
chkaja.com E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh
ztwyqsgdh.dglietou.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
9831tc.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
pppmmm.tututufafafa.com Amazon RSA 2048 M02	`2024-03-29` - `2025-04-28`	a year	crt.sh
baitu4lliltvmwelqubyqm.com GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
pjkbv034cbdft6qwd.com Certum Domain Validation CA SHA2	`2023-08-08` - `2024-09-06`	a year	crt.sh
3400tupian.com E1	`2024-03-22` - `2024-06-20`	3 months	crt.sh
9323tp.cc R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
c7575tp.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
www.gggttt888.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
www.8122888tp.com R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh
6399tp.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
www.7859888tp.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
5698tp.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
imagedelivery.net E1	`2024-03-23` - `2024-06-21`	3 months	crt.sh
9216tp.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
c8932888tp.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
www.9129666tp.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
1325tp.com R3	`2024-02-28` - `2024-05-28`	3 months	crt.sh
z4a.net GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
facaiimage.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-23` - `2025-02-22`	a year	crt.sh
ooo-09.ltd E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
tu05v46466.ltd E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
weserv.nl GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh
s1x3d.mexicorecreation.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://z54y-6yqs.semerudiscovery.com/
Frame ID: A7C7BAF26F3B48E51B6EFAF8EB897D05
Requests: 7 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/tb/
Frame ID: B1732B6D8F98E1A5BD34358B535EFAF9
Requests: 4 HTTP requests in this frame

Frame: https://tong--ji.discount-micro.com:2053/gdh.html
Frame ID: 97E56BEA77D0C2194B2F18BDEDC46210
Requests: 1 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/yjjy/
Frame ID: 07775E5FC0D7257CE150A52176E546D0
Requests: 47 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
Frame ID: 2006FFAD5767832176C0016AF4790893
Requests: 1 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/02949.html
Frame ID: 2320A934D963056F1293716AB050075D
Requests: 1 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Frame ID: 9DAFFF4331D8AE76284D0F7651AD873E
Requests: 61 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Frame ID: F9D381D949457C484B59D4CAE9747969
Requests: 59 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Frame ID: C21927A2241C5B7AD716BEFD578B902F
Requests: 63 HTTP requests in this frame

Frame: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm
Frame ID: 74911B37D53345C8904D77F07727C6DC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【廣.東.會】致力打造，火热全网！

Page Statistics

257
Requests

85 %
HTTPS

7 %
IPv6

28
Domains

31
Subdomains

31
IPs

4
Countries

64827 kB
Transfer

64880 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vo9xia.zai.castingwheels.com:8443/0149dh/
Title: 下载APP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://z54y-6yqs.semerudiscovery.com/tb HTTP 301
https://z54y-6yqs.semerudiscovery.com/tb/

Request Chain 6

https://z54y-6yqs.semerudiscovery.com/yjjy HTTP 301
https://z54y-6yqs.semerudiscovery.com/yjjy/

Request Chain 19

https://img.chkaja.com/4d7e508dcdb0d76e.gif HTTP 301
https://img11.chkaja.com/files/20240401/4d7e508dcdb0d76e.gif

Request Chain 48

https://img.chkaja.com/b7d02236465fda64.gif HTTP 301
https://img10.chkaja.com/files/20240119/b7d02236465fda64.gif

257 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
z54y-6yqs.semerudiscovery.com/ 9 KB
5 KB 350ms
80ms Document
text/html 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

e4cc67588b583296adfce78f7999d1395eff290ecf1125a76bcab7f09ada2065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:56 GMT
etag: W/"66061674-25f7"
last-modified: Fri, 29 Mar 2024 01:16:36 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
z54y-6yqs.semerudiscovery.com/skin/css/ 28 KB
8 KB 88ms
86ms Stylesheet
text/css 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/skin/css/style.css

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

0b9ddf988a8320200b6b618aa65eec4a4df40438c9a385b7bea7bd1630e5618a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 03:20:50 GMT
server: nginx
etag: W/"65e14992-7024"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2 200 tbv84f.js Show response
z54y-6yqs.semerudiscovery.com/tb/ 1 KB
910 B 90ms
89ms Script
application/javascript 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/tb/tbv84f.js

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 07:53:06 GMT
server: nginx
etag: W/"6267a4e2-47d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2 200 wenzhangc0sh.js Show response
z54y-6yqs.semerudiscovery.com/yjjy/ 2 KB
1 KB 91ms
90ms Script
application/javascript 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/wenzhangc0sh.js

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

789fecee97496327e0a92bba6935a848b6b48abbe5b60296d7de8a5aa0bddc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 05:23:17 GMT
server: nginx
etag: W/"65c70845-6e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2 200 app.js Show response
x01-49z.discount-micro.com/ 8 KB
4 KB 551ms
129ms Script
application/javascript 134.195.197.167
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://x01-49z.discount-micro.com:2053/app.js

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.167 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

167-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

9ad7f8d84ca78884cc819bffdbdbd4f9d9c3c9add8a4a91e5e54a6aa6590bddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 06:12:48 GMT
server: nginx
etag: W/"65bb3660-200c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2

200

/ Show response
z54y-6yqs.semerudiscovery.com/tb/ Frame B173
Redirect Chain

https://z54y-6yqs.semerudiscovery.com/tb
https://z54y-6yqs.semerudiscovery.com/tb/

2 KB
972 B

77ms
77ms

Document
text/html

66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/tb/

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/tb/tbv84f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

dfcb757c7bfe5360d79c7e57f83d43e22d2e1d934c1313abfc26f899643edbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:56 GMT
etag: W/"660a6f05-73b"
last-modified: Mon, 01 Apr 2024 08:23:33 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Mon, 01 Apr 2024 09:03:56 GMT
location: https://z54y-6yqs.semerudiscovery.com/tb/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 gdh.html
tong--ji.discount-micro.com/ Frame 97E5 0
0 771ms
85ms Document
text/html 134.195.197.62
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://tong--ji.discount-micro.com:2053/gdh.html

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.62 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

62-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 580
content-type: text/html
date: Mon, 01 Apr 2024 09:03:57 GMT
etag: "65640bf6-244"
last-modified: Mon, 27 Nov 2023 03:24:38 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

/ Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame 0777
Redirect Chain

https://z54y-6yqs.semerudiscovery.com/yjjy
https://z54y-6yqs.semerudiscovery.com/yjjy/

100 KB
17 KB

112ms
110ms

Document
text/html

66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/wenzhangc0sh.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

670dc3bdc0213b1023bed982cba997a4b219a46642c97d7b51424a5647b02d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:56 GMT
etag: W/"660a6f71-191c1"
last-modified: Mon, 01 Apr 2024 08:25:21 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Mon, 01 Apr 2024 09:03:56 GMT
location: https://z54y-6yqs.semerudiscovery.com/yjjy/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 logoa.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame B173 10 KB
10 KB 101ms
97ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/logoa.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

52b8837323d9374394d291385c18083fd0cc772fe019fea172d2c3176d2ae1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/tb/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Mar 2024 11:55:58 GMT
server: nginx
etag: "65facece-2869"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10345
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H2 200 0149115.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame B173 5 KB
6 KB 109ms
106ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/0149115.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

1c2b321436b5c522dba68fc956062153ff87867c777f434d2f2b75c575c91661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/tb/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Apr 2024 08:23:22 GMT
server: nginx
etag: "660a6efa-15d2"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5586
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H3 200 cbd6abd603e97465.png
img10.chkaja.com/files/20240109/ Frame B173 31 KB
32 KB 465ms
223ms Image
image/png 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240109/cbd6abd603e97465.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/tb/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74753e038b1e7455a308bc79112beb7615f6b853ae5ffb6bf88e92b81ccc997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899925
alt-svc: h3=":443"; ma=86400
content-length: 32015
last-modified: Tue, 09 Jan 2024 10:03:31 GMT
server: cloudflare
etag: "659d19f3-7d0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buswraVPWALtC0TD844B2w9vQC0a3bSFvTPj%2BnQezyYOaoEE6NpzPLkyZlCiQECzaz8%2FuXzIg42PeDAGWmJPI64eq7itBaL7jcQRe2wxqPczU8gGsozt0ic621a%2BizFPlGqh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768abfe768e02-MIA
priority: u=1,i
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H2 200 dbkj.html
ztwyqsgdh.dglietou.com/ambm/ Frame 2006 0
0 528ms
54ms Document
text/html 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/dbkj.html

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:57 GMT
etag: W/"63a70a62-af4"
expires: Wed, 01 May 2024 09:03:57 GMT
last-modified: Sat, 24 Dec 2022 14:19:14 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 sty1e.css
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 2 KB
965 B 85ms
82ms Stylesheet
text/css 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/sty1e.css

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

b7efb321f18d47784d0acc92b8b29c7f5444f18874f9d28c4fde985f9d488d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 06:25:00 GMT
server: nginx
etag: W/"617f883c-618"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2 200 icon1.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 11 KB
11 KB 101ms
98ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/icon1.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

3e6efe0815c9ea5b4502dd6c714ad9b2d6a191c7ca9b6bb15da50201f744edaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:20 GMT
server: nginx
etag: "61831f4c-2c05"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11269
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H2 200 icon2.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 11 KB
11 KB 139ms
136ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/icon2.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

6cd8f1af5a0fbf8ad900df3c173f1738929b115a84245b71c945f193d298df2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:22 GMT
server: nginx
etag: "61831f4e-2c06"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11270
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H2 200 icon3.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 10 KB
10 KB 149ms
116ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/icon3.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

1104e712e03efa5a2d26d91c4a5e9c4520565ab74502e2cec9f8bb95331907c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:22 GMT
server: nginx
etag: "61831f4e-2883"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10371
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H2 200 icon4.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 11 KB
11 KB 167ms
134ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/icon4.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

9f47cb14e759d2e75e90c421e6f382626c3978cc676b5ec9ff792ae7d09e331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:24 GMT
server: nginx
etag: "61831f50-2a76"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10870
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H2 200 icon5.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 11 KB
11 KB 180ms
147ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/icon5.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

dce826e006580a87880617fa0f71161975fcc4d5a9839c868e11613fd5820fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Nov 2021 23:46:24 GMT
server: nginx
etag: "61831f50-2aae"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10926
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H3 200 514c5d90740434a2.gif
img10.chkaja.com/files/20240125/ Frame 0777 16 KB
16 KB 435ms
261ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/514c5d90740434a2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2908331
alt-svc: h3=":443"; ma=86400
content-length: 16323
last-modified: Thu, 25 Jan 2024 03:50:43 GMT
server: cloudflare
etag: "65b1da93-3fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ch4XIX1DXq8x0lo9moUWl1s8Z8SEKjPWjvDgfWLelhQ98xwI1Nv8l8EGpz4%2FcG7ZVffHLlhVN3H3i%2FjSioqMexz3lfmlLO2vxvSd3236pFtc2BW6CTyNnWfpMlmIIOImLAn%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768abfe738e02-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 17:11:45 GMT

GET
H3 200 03b5328e493b7c8b.png
img10.chkaja.com/files/20240125/ Frame 0777 111 KB
112 KB 342ms
168ms Image
image/png 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/03b5328e493b7c8b.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899925
alt-svc: h3=":443"; ma=86400
content-length: 113649
last-modified: Thu, 25 Jan 2024 03:57:19 GMT
server: cloudflare
etag: "65b1dc1f-1bbf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnOdp9l%2FdlHRoDeasGXGNyWoKZrOSCSUjXLDK0XMcf3L%2F0T6vqtflAK12XBImf46ifdJcMbzAjEG8R2MOGh%2FS5Dx6x9LNcHSX9mqPK6i9Z1B5GbfqavWEmBdwvJ8JC%2BSColB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768abfe728e02-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3

200

4d7e508dcdb0d76e.gif
img11.chkaja.com/files/20240401/ Frame 0777
Redirect Chain

https://img.chkaja.com/4d7e508dcdb0d76e.gif
https://img11.chkaja.com/files/20240401/4d7e508dcdb0d76e.gif

23 KB
24 KB

122ms
77ms

Image
image/gif

104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240401/4d7e508dcdb0d76e.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ad6a5b9d23c162842eacf0792adb7651d8b232d321207de3bfb0b62dc830864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z54y-6yqs.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:03:57 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2130
alt-svc: h3=":443"; ma=86400
content-length: 23818
last-modified: Mon, 01 Apr 2024 08:16:11 GMT
server: cloudflare
etag: "660a6d4b-5d0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=om2HZHFkLVo7pVT0Xpb0crWdSYMnDZilfiPGz%2ByQ%2FrWegLrAtf5ZHe8GG6axRQOVRaLCFy%2BirksVJ%2F%2BcEyPJYBDYsPnAEoNwRR6lcw5%2F1%2B4KpFYgIz3OgZ8srs5G7LAK%2BtXH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768adbb1a09f2-MIA
priority: u=3,i
expires: Tue, 01 Apr 2025 08:28:27 GMT

Redirect headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 465
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BG6iALL74KGDE56qDCplIARPInxec7iMrisJIGcHsso%2BnoOpMcv%2FDl1NYvPgPwAzPjIjmqdPDeEv82zwj6q3oNxTMRtoYWBQaEneZHJnjl3dKmVLKzsudmNB0rGgy1Y9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img11.chkaja.com/files/20240401/4d7e508dcdb0d76e.gif
cf-ray: 86d768ac0a7909f2-MIA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H2 200 jc.png
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 14 KB
14 KB 196ms
165ms Image
image/png 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/jc.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Apr 2023 12:12:46 GMT
server: nginx
etag: "64315a3e-3870"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14448
expires: Wed, 01 May 2024 09:03:56 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 0777 254 KB
255 KB 1483ms
123ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:58 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 0777 439 KB
440 KB 1440ms
68ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585123
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: g8zt3RzqHIioOdY24yOfqzu2f2H7K6fr8c7ZZnKwqzSKI4zbWZYR9A==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 0777 810 KB
811 KB 396ms
95ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301798
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxzxxUjAkszSarD5jBb7RhxEldIt3ujbyau%2BzCALMH%2FjiD693j5YP6884NuP6SLcra2ivlbQoGFikA6iUyvWokebLLmCfZHFlrx6SQ6hshB%2BacrUfph4PTOBuBdxBjZKq9zTTtq%2FEWYttRmmDFkOffctWPwD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768accc5f5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 0777 223 KB
224 KB 613ms
138ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:57 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:03:57 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 0777 282 KB
283 KB 353ms
173ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854451
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGAl7kOOViCAOxrOc1Ja7KyACixn%2Bf7NjhY38QL4aexm1ROGVz5cuzvBZeU3EJs6oFMqFNYoCE5T8TYqUKJ%2BG7WBwEkDkXUWH4iyOyzLOrNqk7tWvuMED4VLl6jHvv36aUKRSQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768ac0f463359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 0777 662 KB
663 KB 895ms
584ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301798
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yP77NV9sFmRvAI7PlLBzyjjFJ%2BfKzaFZk6x%2B2mQ0%2Ffh6KlBsDJZdHISP3dx7ApIN%2B%2BJEgKBaFFW2rrPD6RviwE7E5DcP%2BENRVNBTi6PHgRz%2BpLgTRZXf0w%2BO8JV%2FeYSbJJh04HNi37MGcqERqSm0ZBeifstj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768acec815c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 0777 272 KB
272 KB 353ms
174ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899920
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDiMeI%2BTrgftE3Ql3gDyVKjqj07IiFm3tPlR45fKYS9kCFnA%2BZeF22LMw52ToZOYw2LN4ACFwSbvKFsTPvlblr6JKgpvgHekKSSLI%2BmS3m6GKstWzLogUbAY3hq68xZntWdj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768ac0a7a09f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 0777 148 KB
148 KB 980ms
121ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:58 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 0777 151 KB
151 KB 1318ms
118ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:58 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 0777 266 KB
266 KB 1386ms
135ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:03:58 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 0777 161 KB
161 KB 1372ms
130ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:58 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 0777 300 KB
301 KB 2954ms
213ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:00 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 0777 184 KB
184 KB 1239ms
159ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:58 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 0777 193 KB
193 KB 1154ms
214ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:59 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame 0777 560 KB
561 KB 572ms
248ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:03:58 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768b94e99875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 0777 225 KB
225 KB 1646ms
140ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:00 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 0777 665 KB
666 KB 440ms
170ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:58 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126053
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Arwa3jW6pGGZSoW0vFZleUqGa02%2FI%2FeEhLq2%2FXrZTvyal5gZR0ldYseVL4ch8unmPfRktDWtG9MixNBDfJZMADgOzMOIwGEjNl2GHkZD%2BzhPjKBgKTUckZtjSQTdNtSLeAJ4H%2BO8Fv%2FfvqsTyi5lAwwmN58f"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768b91ae15c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 0777 177 KB
177 KB 628ms
207ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:03:59 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 0777 405 KB
405 KB 1171ms
165ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:00 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 0777 375 KB
376 KB 1303ms
127ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:00 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 0777 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 0777 0
0

GET
H2 200 kj.js Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame 0777 5 KB
2 KB 181ms
148ms Script
application/javascript 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/kj.js

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

618e8d0e1af3c701b02c897b1353c8c026a785e97eb4f76647342a1c98e32d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 03 Mar 2024 05:06:51 GMT
server: nginx
etag: W/"65e4056b-14cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 0777 842 KB
844 KB 205ms
50ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388593
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: qGS5rO1qyi34tnpqqfOcd1m463V2lsuvVrPypuXYuumx4TOJnfjKOQ==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 0777 156 KB
156 KB 1153ms
179ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:00 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 0777 50 KB
50 KB 872ms
39ms Image
image/gif 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899929
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7GEKyetwFPcFmx889pxFzNBsBkfUiaPzNRPWlKW5GwbekmPM4NOfNmjL7feOcBMr78JHIOZGVO70nKzjJPyPWBYnlaiK2PalFy0KmTioPlsrRCRR4HmYwbiDXssIQOVWQ3Prc36"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768c28e314c02-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 0777 17 KB
17 KB 684ms
161ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:00 GMT

GET
H3

200

b7d02236465fda64.gif
img10.chkaja.com/files/20240119/ Frame 0777
Redirect Chain

https://img.chkaja.com/b7d02236465fda64.gif
https://img10.chkaja.com/files/20240119/b7d02236465fda64.gif

21 KB
22 KB

90ms
87ms

Image
image/gif

104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240119/b7d02236465fda64.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37819646264a5a312285098c6f10efd89b050abc62f4faad27888fb001855fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z54y-6yqs.semerudiscovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:04:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2720624
alt-svc: h3=":443"; ma=86400
content-length: 21692
last-modified: Fri, 19 Jan 2024 02:53:47 GMT
server: cloudflare
etag: "65a9e43b-54bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x446s5ZUu8KxIw050r4uyl3vw61T9aU%2BevuZU5k1vLB80j1ogxS4xknTe%2Bo%2FIAX2X%2F5myZhmAYeaBeh8T7VOQCTuQsEyVTPPtm%2FJaWWIp9QmqDmsabtkATB3VIi40E%2F4HoMg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768cc2f3e8e02-MIA
priority: u=1,i
expires: Fri, 28 Feb 2025 21:20:17 GMT

Redirect headers

date: Mon, 01 Apr 2024 09:03:59 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 116
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3eg8PLGyRnRbc1pB4s1K%2FPgWVx9q0MKHgnBinCZaJ4wQ%2FW1c5JMv1eENoZv8RuXgGWBvIm2mqtJPxMFky08O%2FGe0QcrhJmsINzv3vkLy16DT8AtuuBzjSXfE7nVv47WNdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img10.chkaja.com/files/20240119/b7d02236465fda64.gif
cf-ray: 86d768bf7c5809f2-MIA
alt-svc: h3=":443"; ma=86400
priority: u=3,i

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame 0777 555 KB
555 KB 506ms
50ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418902
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5vaNcuhTMCIof0mNxYDPTEXD1Dw2zl0kdk8XZPdDZMvlKKQDJUuB71LmVcGCVYDbQg6IIg5Gc9aLlJ8dwtNXviTrS68gLWVyaisEhBNeq%2BiWVJW3ePDCyCzNJX%2FFMggiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768c27f632604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 0777 49 KB
49 KB 102ms
38ms Image
image/gif 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903789
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LiQ8jSmLq8ozdCBdfx90DfY1qryivIyzwpbcnAJnwjpknoRNp1QgBFtc7sP8r49FC8cBdxDkmQA7zi0OPzCODlLE6XPJkhfFOpCp3FDaNq0oulgLfm7SsS6FnUUA4CfMb6GR71j"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768c3deb74c02-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 0777 452 KB
453 KB 136ms
73ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687068
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: JgoAjuVL9KxDa2Y4bWEKPW_dqpRH7MMtsueFDBNQpd66lSVs4QJsNw==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 0777 247 KB
247 KB 212ms
49ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862417
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByuOGXChrmLDKX6juG16erZTrS01c1J5AVe9vNU9ZePceM8ddWoZWzuJM%2FlsWWB6hPSMoTr8VHBJz1NmWCLLhV7F%2BjYedzRDauJUszsBFFyo9v2ZeH126hvq%2BU7ZR%2BnrKlEC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768c489bd3364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 774afe8d94db5abe.gif
img10.chkaja.com/files/20240122/ Frame 0777 22 KB
23 KB 97ms
50ms Image
image/gif 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240122/774afe8d94db5abe.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c95eb8a826fb9a101d03b69f2cd6abd2dd58e3298771f9274eabfee620ee7002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1594568
alt-svc: h3=":443"; ma=86400
content-length: 22622
last-modified: Mon, 22 Jan 2024 13:46:47 GMT
server: cloudflare
etag: "65ae71c7-585e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SuwqxofxEWzXQZnL5yXtmKdDddTKW6bsEKxmW5VzB%2BluT1OwjKuhanZUxl6FEFYNLM57zJN4ekWGuDACQOfXnY8f%2F1PJgZt05GBk8j0z4hgnpYGCFod74wGupkDPgMOpDgNN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768c3ccfe8e02-MIA
priority: u=3,i
expires: Thu, 13 Mar 2025 22:07:52 GMT

GET
H3 200 /
images.weserv.nl/ Frame 0777 64 KB
65 KB 373ms
220ms Image
image/jpeg 104.21.234.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://tk2.xinchangcheng.net:4949/col/92/tbss.jpg

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07f1155d221c173368f9664a6f9b5694327020f336f8e9d2db4bbeae6d3f9d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-images-api: 5
date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28069
x-cache-status: EXPIRED
x-upstream-response-length: 85283
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400
content-length: 65857
last-modified: Sun, 31 Mar 2024 15:19:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGHIEiJutCT4MkkH8Y2IZxOusBnZXZo4qlwtYSLs8%2FA8tPPCR3VDhaKUTMZJIOUfSSHarST%2Fx%2BgrssMQpprGpYQlWWYCVBZ6nsZF7lweP752VpymsslDW7jhal8V%2FpGlllAA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://tk2.xinchangcheng.net:4949/col/92/tbss.jpg>; rel="canonical"
cf-ray: 86d768c4ce985c7b-MIA
expires: Mon, 31 Mar 2025 15:19:49 GMT

GET
H3 200 /
images.weserv.nl/ Frame 0777 142 KB
142 KB 193ms
46ms Image
image/jpeg 104.21.234.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://tk2.xinchangcheng.net:4949/col/92/d25.jpg

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45b2b4feb9fee119048ed9262fe42e7633ed8dbc19442e1cef173afd41b33bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-images-api: 5
date: Mon, 01 Apr 2024 09:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28069
x-cache-status: EXPIRED
x-upstream-response-length: 169890
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400
content-length: 145038
last-modified: Sun, 31 Mar 2024 14:20:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZngiIC96sUXbt3xaclsH8V8ru0aOtDWC0SMiUHO3y5S3s1FkoB8T6rtZFILyUiQRD7CcIuT3HBcoaLI9hB0TNtJ8GpJh%2BYZMadReaRm49i82wrezupKXFb%2Bb%2Fv%2FPgpJv6W8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://tk2.xinchangcheng.net:4949/col/92/d25.jpg>; rel="canonical"
cf-ray: 86d768c4ce975c7b-MIA
expires: Mon, 31 Mar 2025 14:20:22 GMT

GET
H2 200 style.css
z54y-6yqs.semerudiscovery.com/yjjy/images/ Frame 0777 13 KB
3 KB 278ms
17ms Stylesheet
text/css 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/images/style.css

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/images/sty1e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

0e5657cc2ec3ecac3778320c237fddff1088d196dd598f11cef88d7af6ba9d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/images/sty1e.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 07:37:04 GMT
server: nginx
etag: W/"63e9e8a0-33e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:03:56 GMT

GET
H3 200 7e6200fc2c83a2d7.png
img10.chkaja.com/files/20240131/ 30 KB
30 KB 265ms
143ms Image
image/png 104.21.235.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240131/7e6200fc2c83a2d7.png

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2cd080a261ee4c75d7677666efcbd3496ab2e3d3595122ff3b98dc9e51cdd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:03:56 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899925
alt-svc: h3=":443"; ma=86400
content-length: 30346
last-modified: Wed, 31 Jan 2024 07:58:56 GMT
server: cloudflare
etag: "65b9fdc0-768a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWCrp8MmLWJ81fjMKeKFU%2FowcEPn9kv5HxceYS8LQ8Q13%2FHZYAXSsIRauZUal0KnRvXNFLvtwdQsJ6OrF%2B2PycHdQVr4YCcdrc8zhGqyNMWNn%2BBL9HKtogEZOZNCx4ap6MGB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768acbe9c8e02-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H2 200 02949.html
ztwyqsgdh.dglietou.com/ambm/ Frame 2320 0
0 133ms
63ms Document
text/html 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/02949.html

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/kj.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:57 GMT
etag: W/"65f9615a-13b8"
expires: Wed, 01 May 2024 09:03:57 GMT
last-modified: Tue, 19 Mar 2024 09:56:42 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame 9DAF 10 KB
3 KB 167ms
60ms Document
text/html 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

e1f74045632ee290caf59fb945c1dbd1ef7431e05863c71c4ea05c3800654d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:57 GMT
etag: W/"660a6b82-2735"
last-modified: Mon, 01 Apr 2024 08:08:34 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame F9D3 10 KB
3 KB 145ms
61ms Document
text/html 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

e1f74045632ee290caf59fb945c1dbd1ef7431e05863c71c4ea05c3800654d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:03:57 GMT
etag: W/"660a6b82-2735"
last-modified: Mon, 01 Apr 2024 08:08:34 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame C219 10 KB
3 KB 80ms
73ms Document
text/html 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

e1f74045632ee290caf59fb945c1dbd1ef7431e05863c71c4ea05c3800654d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:04:02 GMT
etag: W/"660a6b82-2735"
last-modified: Mon, 01 Apr 2024 08:08:34 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 sx.htm Show response
z54y-6yqs.semerudiscovery.com/yjjy/ Frame 7491 24 KB
6 KB 84ms
78ms Document
text/html 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://z54y-6yqs.semerudiscovery.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 01 Apr 2024 09:04:02 GMT
etag: W/"65c74864-5ed3"
last-modified: Sat, 10 Feb 2024 09:56:52 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 9DAF 254 KB
255 KB 129ms
128ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 9DAF 223 KB
224 KB 155ms
155ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 9DAF 282 KB
283 KB 66ms
64ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854457
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJtzxL%2Bt0fA%2BmHXwGTmTgpCwU3WZgBZ8zA1LSLj%2B3H2BuRPTshkYYNrpbgoYPw4rAK5%2F5odxMlgpdleWmlmras7GhFdmh8XkWasrUIEEu2kM9D8KYcdiKUdlHytOX4%2F20p2FxXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768cedc0d3359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 9DAF 151 KB
151 KB 121ms
119ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 9DAF 161 KB
161 KB 121ms
119ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 9DAF 184 KB
184 KB 119ms
118ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 9DAF 439 KB
440 KB 77ms
76ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585127
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: i_Pp6XZS1B_HBLape028IakZnbXQKS9sthpfQTWNpr0tRgXvD6tWAg==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 9DAF 842 KB
844 KB 262ms
260ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388596
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: vsalJ2tmrx6zUcXZpUlU7cLOFiiXrtRAF6fRHAIQbVfquW0DcuVdlw==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 9DAF 300 KB
301 KB 200ms
198ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 9DAF 452 KB
453 KB 289ms
287ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687070
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: J5BzIxoMLafBX0iFLjixW0c6g0awqisk4_S1XCbcoW30oWL8ERdaew==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 9DAF 225 KB
225 KB 168ms
167ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 9DAF 405 KB
405 KB 107ms
106ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 9DAF 148 KB
148 KB 175ms
147ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 9DAF 662 KB
663 KB 89ms
58ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301804
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qr17djuc8ebkx8N4mU%2BrxUTdCuc16Chdm6OXOicBVbJ15OVYptRKqD6lHARbBjjmOVArEepPp7rONShdwpYfHy1q99r6cg9CXlvhBjxkQvBhy3Oq5Prdy%2FFNIWtwGxsKLz7uqGCOUd2AATmUzPQ%2Ba%2BAwG%2Big"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768cf3f7f5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 9DAF 17 KB
17 KB 438ms
392ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 9DAF 810 KB
811 KB 1071ms
1041ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301804
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmXCvR%2BuImNUUWo1vG3rjGAb7SfN2fSxNHdNtsIUI1jsQ1Q9IKb%2F7yMYE01XaDd5IWM%2BRXxVY%2FMcG%2FoeuUs6mVDP6qsTgomU%2BIU6wKzBFp%2BvYJQmAHfqeaJyenpguD64%2BTwzm%2FDEux4ZAF2%2FlWHsBZJjxhnE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768cf3f805c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 9DAF 266 KB
266 KB 229ms
198ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:02 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 9DAF 272 KB
272 KB 221ms
189ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899926
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp14npsR0cmC1Y%2FKf%2BfnRU3%2Bet2yeUSJzJgiqqu%2BPAadmGNMoOjAQhnT3ye6etOK3vh8KMlU2r1T65t9Oj22JA3Y%2FrrM1085weYRrxqT6I3HUHxLBtkE%2B%2FYjweSVCCT2bpNj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768cf4fa709f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 9DAF 177 KB
177 KB 253ms
221ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 9DAF 50 KB
50 KB 2194ms
2162ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899931
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZUyeUFyp1NNnwBykanz%2F%2BcsvGBtfP4qouSkS9ykSVkr108vJHOeEmG6Cm5hUzqnG1hB2jG%2FefqCge%2BhVwTb%2FUW3o0EXqkV6fWc4YS0BH8OiVCUx5APRgYFP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768cf4a860a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 9DAF 665 KB
666 KB 1929ms
1897ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126057
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkVmU9RKVeLWqu%2FJdHIF1nZmiAr1%2BOJgbGiF6Y4NfG%2FSZf1HINpiCLvg8qZeWY9Pq7soGq3C8JRq0t7V%2FwxHFKV1kwHnZWOVF7fnHWGw0ZZGi4o0RAOHJ%2FvOKVnWTx8qXOFbMI3ZtcYN7FdcEd73M0xi3ZSO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768cf4f845c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 9DAF 375 KB
376 KB 253ms
220ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 9DAF 193 KB
193 KB 170ms
117ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 9DAF 49 KB
49 KB 2426ms
2393ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903791
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMM3tiRAmWn6M1kJuBNPh3hOBAf2%2BoJ9PFK8NUSYVvBnL18KuyQiFEyzg1baeT0wEim4XOeQHo4WncXr5ZYKBZ0%2BvjHdleaK7FXonIftlGl3QbeU6Sve3veV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768cf4a870a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 9DAF 156 KB
156 KB 192ms
109ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 9DAF 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 9DAF 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame 9DAF 555 KB
555 KB 211ms
182ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418904
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgUPFJRxbQ837%2B7LmRB8LdvECpSwCURSwQZKR7n3jOjbEFP3qrAQuJnMWYDqVgTo5AQR6grS90QEoYPXYLzKnzg2KQG%2B5KBCayYsvvGDjNP7OW4PRLdi7%2FIfG3lGSnyFxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768cf4db92604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 9DAF 247 KB
247 KB 84ms
55ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862419
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hy0YcNmQfm8lJef6ONeTob14dxZDG5hnMZ66Us1O5P%2FYknwiNI%2FSA5aaNJkz04ELPcrYHOBi%2FsEFl%2B669oCzvAF9oo%2FiKMcLGyt%2F6bwy8tLLhxv9k50ZwbzBTPl80giyRe%2FQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768cf4fe33364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame 9DAF 560 KB
561 KB 92ms
64ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:02 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768cf48bc875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame F9D3 254 KB
255 KB 124ms
122ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame F9D3 223 KB
224 KB 543ms
542ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame F9D3 282 KB
283 KB 200ms
74ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854458
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FbyZlJIi6il2CsnFNYDvXsXiG2dM1q0ygJTzmgFD7Wask7iaqmTVnUHVfpJFULIFrdGI3wMQkiLRLv4SziheRbk01en%2FH0IgIlO1y8coitbNCoPW0od8hs3qUQrWNgr6lkc8LY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d37ee73359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame F9D3 151 KB
151 KB 691ms
406ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame F9D3 161 KB
161 KB 351ms
228ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame F9D3 184 KB
184 KB 236ms
114ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame F9D3 439 KB
440 KB 1012ms
823ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585128
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: vLpj1R0GKpsTM_nZeyFWZE2GYeTyr0bZ3VVxBxAYpQC2TG9mPWDsTA==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame F9D3 842 KB
844 KB 1026ms
838ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388597
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Vz7UBofv7hOiZVMq1WCFVDpYLGQyIzcef8BOkZCzHfZW_RH5bwfjJw==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame F9D3 300 KB
301 KB 1047ms
244ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame F9D3 452 KB
453 KB 1029ms
856ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687071
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 7JODRuOnHG8i8q2XIW-YNYjmZTU-Soj1uMV5ZgcWUuY-fOedrub-CA==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame F9D3 225 KB
225 KB 222ms
116ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame F9D3 405 KB
405 KB 220ms
115ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame F9D3 148 KB
148 KB 210ms
112ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame F9D3 662 KB
663 KB 3332ms
3235ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91pn%2BsuRRnApe3RikuSHBPobHdcr43wmiTPFdaLRfzPSBrPEkL5h4yBfHxAFPfa0QZPu22SVeH5pX9Gizb7i2nuyKK8Q3VeUOjIYkRwktzTljMtbtTOjIKRl7kU0Ho5Pqc2yUD1SakumF65Y%2BXd%2Beu9kfRt4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d389cf5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame F9D3 17 KB
17 KB 661ms
501ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:03 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame F9D3 810 KB
811 KB 3658ms
3557ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKGN4ywTFZ79cDSB4VefHtxNc1R9UZ9fLFE5HkodJaivSZ71pz9m2BLGqD9I5e%2Fl2Cl3R8JG1Ju482HE2Tt8Nfve39%2B8zT7wW3vhAWcb4UaVSqxpujUUZrD1J19ELUdvSj8OQIqepjTYjUYBn%2FW2SO4oueZA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d399dc5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame F9D3 266 KB
266 KB 1044ms
785ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame F9D3 272 KB
272 KB 264ms
163ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899927
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6itMTzaRvBHqVequ8eUvehY1Y5DNhErkX%2FkYXLmK4UV%2B1NoE32HhEX5AnrIDdW6uo28zcQs7L%2ByTownBmivJrIXcI%2BCmXKUP92tDYCUZrRamr5Gx34G846lc9N0nGw3pPsn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d3997f09f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame F9D3 177 KB
177 KB 347ms
246ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame F9D3 50 KB
50 KB 2448ms
2348ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899932
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRG36A9kK2q00Pr5Nu2HPjbpgGxefFrmUZQd1eTqAzFxn7IB%2F3brkYRHiwXVEedbJwBJNxejo5WexRsC3tOM5t3VixgQD4hinfpTITL61US8oySpRR5hWzOE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d39c600a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame F9D3 665 KB
666 KB 4059ms
3963ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126058
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rukG2Rc0Q1pJM%2BdUWnOtWdXdXRAOlKtUAZg2mWKeU0uk18CTZRW%2Fsl1CFTBqVFqWSWZMhLQXPAOQndB7B7pWOjz50hqUMwuB2ttqlPjofgH7yofSnS17GPaMp8taCrZAvGpX%2B%2BKZgX%2F%2FRsUfa7yY3026FhtY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d399e05c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame F9D3 375 KB
376 KB 460ms
208ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame F9D3 193 KB
193 KB 167ms
117ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame F9D3 49 KB
49 KB 2584ms
2491ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903792
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVAKLHML3Q5MK393e4IIeQM6WKA32msrn8ypN2pJ8tPqGdkLlO%2FGbul0CRBiioIHL%2BoP12BIlhSwDesRn0UdJ%2BUEv6Y7npaETi%2FYKblTyG%2FRu1VY3WvadUsc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d39c610a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame F9D3 156 KB
156 KB 312ms
215ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame F9D3 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame F9D3 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame F9D3 555 KB
555 KB 772ms
683ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418905
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGVtPI0sVg0HrYMn%2BNJPKB7rffDZg7A6snt%2Bd9LwCuqYu73IX2pvImaq7UVtJyBtFvJSZS0wk8fKHB9wDOdoLa0IV%2B3LCFwBNbmi%2BXmyYV%2B4N0aay%2BH%2B%2FrBSHP9sUI%2FxcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d3982c2604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame F9D3 247 KB
247 KB 207ms
121ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862420
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7y9KmnYUuModQza5CbbnTpFbx1tt8WLEuGZ78Fqsvq2wD3CDXMgvvr9FTJ3HJL7zATMKLqqLRKCCfcSUJf6ImPRSH%2FE8v55NOO5%2BXyhAdAjTYLNshanA4VuJkgRc7VYcOIq5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d39a993364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame F9D3 560 KB
561 KB 981ms
895ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768d39abe875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame C219 254 KB
255 KB 452ms
231ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:02 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame C219 223 KB
224 KB 433ms
376ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame C219 282 KB
283 KB 191ms
73ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854458
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdHA3i3Dwsx9r42hlNUl5cW41svBNkVLTyp8nZTvvRM0wBttuIdVYUdcuNCcLR0A0GjXeKMK75kA1nLvlRbQ8pITHHg4TpuexH0HO5DSbOhFgNoEGdrOmPRtxgVPj%2B5GAZ6Ko2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d748ef3359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame C219 151 KB
151 KB 460ms
209ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame C219 161 KB
161 KB 500ms
258ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame C219 184 KB
184 KB 407ms
220ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame C219 439 KB
440 KB 3205ms
3010ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585128
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: mpS1hm4VKtipU-FCQVuIfUMKJf4zo8399SF7elIKh4ZDPxwD3AfRmg==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame C219 842 KB
844 KB 3426ms
3241ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388597
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1QsN3gIHXuUZRwYdlKE5bNWu0arLUfizgWe12kuvbzR-MvxKEHflzA==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame C219 300 KB
301 KB 382ms
198ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame C219 452 KB
453 KB 3820ms
3636ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687071
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: cIbL1L3IAoCOC01NiANbxmCFJR0kS0Yj8H0hZqDsLa1ePmf8Tlh31w==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame C219 225 KB
225 KB 461ms
216ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame C219 405 KB
405 KB 454ms
216ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame C219 148 KB
148 KB 552ms
130ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame C219 662 KB
663 KB 4572ms
4458ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bR5l%2BqRo%2Bx4HpqvckGHRhQLUmZS3rotbCWWI18Eu1mx9xzGiqXT3%2FcoRJqJnXeRkU6bt%2F2qXUKDONLTOUzyyVSOu6fj5nNpjOMbBHT4cE1ksge26vIPrgcc9znGlk4YKYC%2F6GnWeX1WZYQfqV3WEI7A4Cbpp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d75bdc5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame C219 17 KB
17 KB 501ms
319ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:03 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame C219 810 KB
811 KB 4780ms
4667ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsiTKnAJUxWjgSVkg7UbeOHKS8tJ0l1fCdVuFT%2B%2B%2FsORiAcSAT%2FQb2T0MuZAJK%2FlCJAIYgTi0QfVOoWxbN6iCI0qMA809QhS%2FyJYleYBopCSM9o4WgNcwr1K%2FFQ8MT%2BJj5sQWXH%2FJvVb3hmZ2oI5at6ZCsVF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d75bdd5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame C219 266 KB
266 KB 434ms
321ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame C219 272 KB
272 KB 234ms
121ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899927
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whUuK%2FB5nrWhXIomshAl%2BI29lix0847h0Ms6saoyrey3dQB6lDqPI3Bq1cskc7QLF4b%2Bd7ahDZ2SmySR3j76K3ER6cLvjlx6DYRJ2DNMBN8DHG1m0lz1AXgoS4%2BhGg5Joo%2Fj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d75aec09f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame C219 177 KB
177 KB 441ms
329ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame C219 50 KB
50 KB 2293ms
2180ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899932
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjGB7pdYqHrnLFMi3DIgFi6sntSeGBOo8DilRK4moA9iDXcZiqaEm0w2n9AA8DHUzLTQnNCwBIappKxVMC%2BqFx6CgPOnAQzo4xvudvoVisx5yN9PNFlhv4OC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d75e5a0a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame C219 665 KB
666 KB 5008ms
4895ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126058
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VKfcfyuuIsmx7midbyd76lpOWe%2FwcV1%2BplMtliKp14jvshhiPsIx4WvTuZbSwhmJX8oo2T3qVCcY5JrZ842FAuus3gxuA1qZZg7zddyf2zrSdYxQjuIDYjzyvvtmi5H4rc5Cbr2NNtgWOMq5TXXRXY1ScPC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d75bde5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame C219 375 KB
376 KB 333ms
229ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame C219 193 KB
193 KB 356ms
218ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame C219 49 KB
49 KB 2372ms
2260ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903792
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXYpfe1LEP3MGTPpGy8rIqYzetAy%2FSRB312KDU3vwGL54ds6GIjyi9nuDDGYy9Vjowz8kszrZ3xV%2BLWlk13V5Qlk%2FceLseU9UWFBuMPAt0RAvscr7srQABXp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d75e5b0a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame C219 156 KB
156 KB 177ms
130ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame C219 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame C219 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame C219 555 KB
555 KB 669ms
551ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418905
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsthtYZflWD6PHmaECITSo67IlFY04k9z0shbUzh%2F%2FDAHpdwgjWq34pQcP1yMK%2FloMNZtNz%2Bronbd5Sp3W6yKtZ66ufGkgvXEV%2B9VVTQhueTxtdmknYurEYG0BFJoo7IRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d76a1d2604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame C219 247 KB
247 KB 252ms
155ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862420
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoOxkECTx9aQoMKYbERXL2AadHS9gLIfEQAjJK%2Fi15jYUqgVc9kTg%2FSHL4L78zQlA4qXYJqHZ2bFpNfDrllCj5y7%2Bl5gPWYv%2FrM7l%2FVETu%2FkyIi9Zq4%2FJpobz8ZOjNE0WExl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d76ccf3364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame C219 560 KB
561 KB 1364ms
1267ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768d76c8d875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H2 200 long.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 843 B
1 KB 1548ms
667ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/long.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:56 GMT
server: nginx
etag: "626cff00-34b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 843
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 tu.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 583 B
789 B 1547ms
666ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/tu.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:01 GMT
server: nginx
etag: "626cff05-247"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 583
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 hu.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 729 B
934 B 477ms
321ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hu.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:54 GMT
server: nginx
etag: "626cfefe-2d9"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 729
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 niu.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 572 B
777 B 620ms
464ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/niu.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:58 GMT
server: nginx
etag: "626cff02-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 shu.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 526 B
731 B 630ms
476ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/shu.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:00 GMT
server: nginx
etag: "626cff04-20e"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 zhu.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 586 B
791 B 632ms
479ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/zhu.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:03 GMT
server: nginx
etag: "626cff07-24a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 586
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 gou.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 603 B
808 B 635ms
482ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/gou.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:52 GMT
server: nginx
etag: "626cfefc-25b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 603
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 ji.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 753 B
958 B 637ms
484ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ji.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:55 GMT
server: nginx
etag: "626cfeff-2f1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 753
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 hou.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 777 B
982 B 637ms
485ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hou.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:53 GMT
server: nginx
etag: "626cfefd-309"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 777
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 yang.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 641 B
846 B 638ms
486ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/yang.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:02 GMT
server: nginx
etag: "626cff06-281"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 641
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 ma.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 600 B
805 B 639ms
487ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ma.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:57 GMT
server: nginx
etag: "626cff01-258"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 600
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H2 200 she.gif
s1x3d.mexicorecreation.com/tp/ Frame 7491 572 B
777 B 640ms
488ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/she.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:59 GMT
server: nginx
etag: "626cff03-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 9DAF 254 KB
255 KB 829ms
539ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 9DAF 282 KB
283 KB 75ms
46ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854457
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aw4aYi7kRJSKzN7JvZ4QKXZ8TobNkEMUWyqrfQfeyxaChUbqolWsK8P6LpROjMQgWvNdL9KqVak4a5O2bEEwGPjWYF4ZRp2tAcTSMTB8zgXRmHbEMTkSsiqRYXXFEMmUngR2CQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d05cdf3359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 9DAF 300 KB
301 KB 280ms
110ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 9DAF 151 KB
151 KB 241ms
107ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 9DAF 452 KB
453 KB 607ms
561ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687070
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 5r30VyLrPIyfzxA757kzt7rbo3pWp2ZVxXFuNm7jAAPBut_PKW_GMw==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 9DAF 266 KB
266 KB 383ms
209ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 9DAF 405 KB
405 KB 612ms
208ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 9DAF 375 KB
376 KB 298ms
148ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 9DAF 223 KB
224 KB 415ms
377ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 9DAF 161 KB
161 KB 701ms
223ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 9DAF 184 KB
184 KB 1943ms
1467ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 9DAF 439 KB
440 KB 1260ms
1219ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585127
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: cjAbrU7w6oJamLbGeyL3Ct5KBNa-cYKvDURnfJVAAj5hdy_n222DzA==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 9DAF 842 KB
844 KB 1321ms
1280ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388596
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: psvdm5wlX9bhNCXJtQ8lnw_pIPe_lEOILCqp_RnWua-0Xb99vCAwFw==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 9DAF 225 KB
225 KB 734ms
228ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 9DAF 148 KB
148 KB 785ms
212ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 9DAF 662 KB
663 KB 2514ms
2489ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301804
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7J%2BuSEG%2FwwL5fPSkzkZO0uR8RAI46q9xPN6GV67V5kX%2F29V%2F0fPniEMmF1iosmJfHvWzLWvpLWeUdUuQ5GckydNWD7rcd22Y7RT1SAj%2B5K%2FeLEuy2FqIhpzYurmRrGWrFL6cVfFRmieCLuGM6ndPXa7nJTUx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d0681f5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame 9DAF 17 KB
17 KB 269ms
232ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:02 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 9DAF 810 KB
811 KB 2931ms
2907ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301804
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfRYyQzSASAacqYKR3Wyz4J41WdX4DaD4terOTxMpN1IVM62tVTM7LtV3A2UoxrwxxDQsTXlJY%2B9%2Bvz46Ao54wkE2ZMKI2oCoatUiVZRtGb%2ByQkjMX0fdWtuMAbneXN8WhIXUXVVkhftuWfLduTmPYzOAn02"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d068205c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 9DAF 272 KB
272 KB 326ms
302ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899926
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBg6IV1Oo0vY%2BTIYGUrdP9LnpDez%2BXd2qoPhc2SQtDH4OKvqXsNGWmoUM%2BUbaM931enYHlQO3O6dmbdQu4Ts4J4DMrW1mTiquRG7BcBJWYaY%2B3BwO3h5%2FxUkR2rX3wcd%2BREF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d0682509f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 9DAF 177 KB
177 KB 207ms
109ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 9DAF 50 KB
50 KB 2489ms
2465ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899931
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZuS%2BBnF1AUHtJUPQXTVIzshgfYSTw3FB4fduJ96Rc2HgfWHzdR2xKFrpjPhcAm7JYLzpqs0HHM1yq7b7BS6hGdXcjPtccdHkuKAQdCjY18JAoimj6XrbBxg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d06b110a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 9DAF 665 KB
666 KB 3371ms
3347ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126057
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNbqV9YqS%2FMEOVfNbEdAXU6r%2FuHeLu0FGQ%2B8%2BBUDCQGXvXsOpkQbKXYN1vhwI%2FIhfC7bNBKWuYc4nAXpBXbpXzNboW9asO%2Fi4gCoFCGeN%2FP4%2F1u%2BtvbvcfRnoiZ5jhk8RDhiRMRTV7EaXlST4FLG4OxFJTN9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d068215c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 9DAF 193 KB
193 KB 235ms
108ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 9DAF 49 KB
49 KB 2700ms
2676ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903791
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQdaEHkpjDgfLt9BQZYXlNuJIsYUuqvL6lEJl5X615ryHrXlWtrqucRRhJt%2FHao31n%2FHoXI%2BRVsGBRJVBqzX%2FiwclgLXpYufMTYGyKKwcTHPj57%2FofUWPa5D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d06b120a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 9DAF 156 KB
156 KB 320ms
121ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 9DAF 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 9DAF 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame 9DAF 555 KB
555 KB 176ms
153ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418904
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOZ5ARI32CpQJ3E4dkJngG9KkAqwqZ3d2csM1P%2F1iGA147zwKuzVPjNwVVfnjUU5jgs7VTUY0F9TKUKx635gO%2Ff5Nv6RODuuGVz73oOYulRxvlY1xoVPjLzJVoYeUjBrow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d06e312604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 9DAF 247 KB
247 KB 73ms
50ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862419
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxXc5BYfd87euz1BWMLtJEzO%2BQQSHQIPrQqzFiouuh6CjS2FTx4TymRC4u9iBnJA1B0FwXA0Nwt63SVp%2F7654gek3%2BMzosYKP9y63FqPdFlYx1LsFnaqZCSDYdU2aVUUk9dT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d068603364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame 9DAF 560 KB
561 KB 623ms
600ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:02 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768d0694f875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame F9D3 254 KB
255 KB 689ms
226ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame F9D3 300 KB
301 KB 376ms
107ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame F9D3 151 KB
151 KB 298ms
139ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame F9D3 452 KB
453 KB 2327ms
2194ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687071
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1_U7k4SjnW7UersLvjo3Xkpl2gy9EtC6xD2Ld6Gh-jodE35hZpzJbg==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame F9D3 266 KB
266 KB 133ms
131ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame F9D3 405 KB
405 KB 117ms
111ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame F9D3 375 KB
376 KB 335ms
218ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame F9D3 223 KB
224 KB 1065ms
928ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:03 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame F9D3 161 KB
161 KB 187ms
154ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame F9D3 184 KB
184 KB 150ms
120ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame F9D3 439 KB
440 KB 2845ms
2716ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585128
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: vteP4pHpFmbYaid02yBgECTV9gbn7VViyQOgpYcw5Yn90u8MhTwsVg==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame F9D3 842 KB
844 KB 3189ms
3065ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388597
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: AUnESM9LvoJ9nb8Ek0Q4PZd7r8g_Xp1SrJQY1QShnCVIODmik6T93Q==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame F9D3 225 KB
225 KB 162ms
156ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame F9D3 148 KB
148 KB 350ms
116ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame F9D3 662 KB
663 KB 4311ms
4237ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2kKcybDVbT6IUBJrYe0d%2BwmfUTpdqkGswIwqBsVnY5WUrp8DFWrD%2BaNmXl5X3YDSw%2BXz3Zfq6NgGOWxLYHMCEmXDvHWVKd7FoJsh8BHDv3XTbrGZxhh9vyST38CnVg40rl%2BSIom3Ixqe55Yy%2BD1fZZE5efH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d399e15c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame F9D3 810 KB
811 KB 4621ms
4546ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301805
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PYETiUewsT46J%2FQ8cw%2BU5Em0KXWugxFKlPFlViNFSB%2BBmil99xBkR6BWi9%2BiNPeiHAYLYTPIZwOItNPuPD1PdsQXseCjPu6i%2FYOSspPK%2BPbVAOKpgvKzXaaoitLLSLXNiSmDAlyE5nn22vTksfjA7g8NjVg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d399e25c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame F9D3 272 KB
272 KB 230ms
161ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899927
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWghljlNLcEY65l%2FsQsK9Xc2GnVO55UwkW2KXKFkCTPFlrN0TWov9%2F9bBQAlXoEBuJ%2BhtjP5xzUsryYMwhrcSSD4IH%2BsA7gcKJyoytLdFrp%2FFp2HFmHgYFhiXVl8LjOul%2Bj%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d3998209f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame F9D3 177 KB
177 KB 126ms
104ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame F9D3 50 KB
50 KB 2657ms
2588ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899932
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjZ%2BndFYXcMC4iQMrTdzqrJu6SPUllRN1FPW8soPggXhSnBL683gBPNuMcEpLvHUGJxDrkS7%2BpTF8DLKsx2QbMhwdRnkl6PexqT8vevHjWr7UKrxIKkReTFz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d39c620a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame F9D3 665 KB
666 KB 4883ms
4814ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126058
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BcKm4IOtC2hnvyyXkVwQrE14GaSk11Ug9hRQWcvhAawP9kwx9VCoyBK7yAsdNT4zl8hbS5I6ge73MTcSo9QloCTnCiG%2FYeAKBcaXNZ%2FC955UaOhAXQOrNdrLWQijlXsQNhrV5JrcTAOtT4M4D623a58BVp8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d399e35c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame F9D3 193 KB
193 KB 128ms
106ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame F9D3 49 KB
49 KB 2769ms
2701ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903792
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lU2AP4SDjnC2hgOXNJOvUo8Ttvu7KKj%2FNechen2MSngdmbepFQjhGZIoYHv8Rx%2F%2B2FcRRiGeUdtc8uPeVPgRH3yFDDd2bEsNbffG8YQPCo9Cjjpr9v4z1ZA2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768d39c630a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame F9D3 156 KB
156 KB 477ms
215ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame F9D3 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame F9D3 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame F9D3 555 KB
555 KB 917ms
854ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418905
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1j%2BZO8bnbkU1VCkVQcyKfgcgidOgI63uUeb87aq2Clcsr9GlKa0bxzLPnie4qo81TxS5krY8WX1UMd2bcjCfodw4dWrm5zn9GLDStXbzfel2EEZRCrWptSEtbijldFeuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768d3982e2604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame F9D3 247 KB
247 KB 144ms
81ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:03 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862420
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSWMPOyOel7ULnC%2B%2BWpMQBu%2F7YPIo5PQY8BwZ7%2BgrSLXxv877W%2F1SBSj0FT8tsceKF3qIAmrQKahMY5hwMZMoR0MIYPYcyp90zRtmAu5JZ%2BDP9xq8opfFbqRT3V6TS9TphyD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768d39a9c3364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame F9D3 560 KB
561 KB 1353ms
1290ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:03 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768d39ac3875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame C219 254 KB
255 KB 126ms
117ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:03 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame C219 300 KB
301 KB 241ms
218ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame C219 151 KB
151 KB 144ms
122ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Mon, 29 Apr 2024 07:40:14 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame C219 452 KB
453 KB 3511ms
3355ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 10:12:52 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 687072
x-cache: Hit from cloudfront
content-length: 463187
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:55:23 GMT
server: nginx
etag: "65b0de8b-71153"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: X7Qn5VY2OtBdN9tqCWGCgfaF4aWlBC8LHz4-BdFXmHDvx9wuBnl70g==
expires: Tue, 23 Apr 2024 10:12:52 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame C219 266 KB
266 KB 161ms
143ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-One-Cache: HIT
Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 28 Apr 2024 07:16:18 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame C219 405 KB
405 KB 122ms
112ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Mar 2024 08:29:47 GMT
Server: openresty
ETag: "65fe92fb-65464"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 414820
Expires: Mon, 22 Apr 2024 08:32:11 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame C219 375 KB
376 KB 151ms
130ms Image
image/gif 198.2.209.177
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.209.177 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311201973
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:19 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame C219 254 KB
255 KB 222ms
219ms Image
image/gif 192.74.227.226
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.227.226 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202311034054
Last-Modified: Sun, 31 Mar 2024 08:17:33 GMT
Server: openresty
ETag: "66091c1d-3f9f2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 260594
Expires: Tue, 30 Apr 2024 08:19:59 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame C219 223 KB
224 KB 953ms
844ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame C219 282 KB
283 KB 114ms
51ms Image
image/gif 172.67.155.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.155.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 854459
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8eFRSxHzEeTUB1OWeSP5amw2EMp3eisAtA0lMJP1SM%2FRrSEUnaOHuAqyplslKJzlft7RB8PuvJzrIk8TCoCsXysGeJvjA2jqtVeFaTdi%2FUVqPThA7gsQxjBexHt%2BiVItmfKpy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768dcac6c3359-MIA
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame C219 161 KB
161 KB 285ms
249ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: s202310298740
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:02 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame C219 184 KB
184 KB 169ms
112ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: s202311058517
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame C219 439 KB
440 KB 3231ms
3138ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 02 Mar 2024 10:58:35 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2585129
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: WuGdEM6p_4vJNf3OWLsQoq8X39DAIhErgNKFYBTH7U9FmE8Y31tF5g==
expires: Mon, 01 Apr 2024 10:58:35 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame C219 842 KB
844 KB 3377ms
3284ms Image
image/gif 2600:9000:2209:d800:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Mar 2024 07:20:45 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1388598
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 2lMVGTp2jlS1l_6xupIW45kNV5vsMQPfK9M4idJf8jN20DIMsePbhg==
expires: Mon, 15 Apr 2024 07:20:45 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame C219 300 KB
301 KB 113ms
101ms Image
image/gif 38.145.218.136
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.145.218.136 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS: 136.218-145-38.rdns.scalabledns.com
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: 294097.47935.sys.ipv4.io
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Fri, 26 Apr 2024 16:13:05 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame C219 225 KB
225 KB 266ms
257ms Image
image/gif 107.148.195.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.195.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: 107.148.195.240
Last-Modified: Wed, 20 Mar 2024 06:33:13 GMT
Server: openresty
ETag: "65fa8329-382ee"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230126
Expires: Tue, 30 Apr 2024 13:59:50 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame C219 148 KB
148 KB 133ms
124ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame C219 662 KB
663 KB 4275ms
4231ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301806
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWszNFkSPjXxSyjHQxgsHwHsU1oAOqfiZ5%2BUqfNXsHCBwPDb%2BoomVgDSwrup3YfP5Aj7qBGY6G23U6gQJC8NCPgSCXSpDo5eRYd8RhK4IzrfLqQCVh6ojoqPiuCQvFK726XIzbutR%2BleLLM1lCiRnFXkL5%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768dcae655c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 lhgg.gif
tutu.facaiimage.com/ Frame C219 17 KB
17 KB 676ms
594ms Image
image/gif 199.180.100.129
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tutu.facaiimage.com/lhgg.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.180.100.129 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Jan 2024 11:58:12 GMT
server: nginx
etag: "65afa9d4-4345"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17221
expires: Wed, 01 May 2024 09:04:04 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame C219 810 KB
811 KB 4443ms
4399ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 301806
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttqi4no33ChY%2BpetUJ9CB661%2FSKdOjteEdqg5mP52nUTFwZGW0uZHFhHC1BcBVxbPDBeCCTuiI7Y9ThvQnUqcF5YwOJrcm0wtXE7kfV%2F8JkPcZAA4hgMoO7onb%2FfETviqfMJxqGcL%2BYjvcnmkWGoU0%2BwjXcv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768dcbe695c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame C219 272 KB
272 KB 100ms
57ms Image
image/gif 104.21.235.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899928
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Lw2qgfM5PPh3jZcUeyMgPw%2B917Fnru8XAZ5CS1JHpUPZ7oQsld8ltqE6NGBr3srRyb8IlhKNZNyIs9fLkM0x6D7Gvpy%2BDuA1r8j7j8bya8TD18EqxLBKofsyWOTj8tAz6%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86d768dcbd3a09f2-MIA
priority: u=3,i
expires: Wed, 26 Feb 2025 19:31:55 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame C219 177 KB
177 KB 131ms
123ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame C219 50 KB
50 KB 1536ms
1494ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2899933
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Tue, 27 Feb 2024 19:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HgHn5o85z7HdAeqRaB1QnxA48a5ZF95sFFL7WQNeScIDjk%2BkR%2Big1oFXhnqwDlWUnGNQSwfmWLUxo%2BIciLdswbspI85g3%2FLLe4zsRx1frm5KQcep3A8N%2BSV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768dcb89c0a2a-MIA
expires: Wed, 26 Feb 2025 19:31:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame C219 665 KB
666 KB 4655ms
4613ms Image
image/gif 172.67.156.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.156.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126059
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGNJTK30IKk0L3IA8DVNtbwRDToGCmtcUH9dzVJM3YFjgLYwGjhmGZcH93E8mzkcM1bIxjG7n2QfO32IdHMNUZqAVVEHn%2Bu2i28WB1yEP6LSgO4G6VhxRhVUoI3GnEGrShhVRhB8IhN81Qe9kwelTQTe5AmM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768dcbe6b5c71-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame C219 193 KB
193 KB 129ms
122ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:05 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame C219 49 KB
49 KB 1601ms
1561ms Image
image/gif 104.21.234.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903793
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 27 Feb 2024 18:27:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMFk8TeHjTCm1LbGCMP4FKLNKPIgRhcSEFvFoyN2OPUW7wB%2B2BMgBxfNa22OhaR9ynWSR0seDYFdJqQBh%2BgmZnVGhdQToiUn2o4VeY%2F00jJC54CZeDPNCsdM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86d768dcb89e0a2a-MIA
expires: Wed, 26 Feb 2025 18:27:31 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame C219 156 KB
156 KB 162ms
126ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 09:04:04 GMT
Via: 192.74.245.115
Last-Modified: Wed, 20 Mar 2024 04:31:54 GMT
Server: openresty
ETag: "65fa66ba-26fbf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159679
Expires: Fri, 19 Apr 2024 04:32:48 GMT

GET e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame C219 0
0

GET 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame C219 0
0

GET
H3 200 75070.gif
img.ooo-09.ltd/facaile/ Frame C219 555 KB
555 KB 148ms
109ms Image
image/gif 172.67.178.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-09.ltd/facaile/75070.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418906
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94UxMW3KkBbUQakqdMLndf75DeACbvlIsJL1FMdJIDD5LuC1MrHl4DkPMA32SKe8Rl2WnW0jF6laQ5UOvC0tuBvs%2BkvI8rOeoyr%2BhVXpdpPxTTymA3T6SazEFqKpyPuW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86d768dcbc8b2604-MIA
expires: Fri, 26 Apr 2024 12:00:59 GMT

GET
H3 200 712x45.gif
v.tu05v46466.ltd/40/ Frame C219 247 KB
247 KB 91ms
52ms Image
image/gif 172.67.199.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2024 06:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 862421
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBOBsX8MLsqSz%2B1Qi4rSy7vAnlGz1HArdF4P%2BYJvG7tXH296D9lD%2F3NdlFT9KXkrHS9nkhxqYa9Oe9L1F74%2FThAGsAduyIU%2BbDYhj%2F2toq2yyAhjXWNkvTEmgTY2fGwMgg4f"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 86d768dcb8363364-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Apr 2024 06:55:59 GMT

GET
H3 200 712x45
imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/ Frame C219 560 KB
561 KB 803ms
763ms Image
image/gif 104.18.2.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/XD66EvJKw_ZmQdp5Is5YAw/bce795d2-fd1a-470e-e419-80d7b9c9e400/712x45

Requested by

Host: z54y-6yqs.semerudiscovery.com
URL: https://z54y-6yqs.semerudiscovery.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=18+928 c=0+0 v=2024.3.2 l=573906
date: Mon, 01 Apr 2024 09:04:04 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 573906
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf4eIMro_COxK4V4wILx0bOPfM4ZE98CIV-dmMU-nGDQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "original is 5452B smaller"
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 86d768dcbf3c875b-MIA
priority: u=1;i=?0,cf-chb=(782;u=3;i=?0 1953;u=3;i=?0 15722;u=5;i=?0)

GET
H2 200 favicon.ico
z54y-6yqs.semerudiscovery.com/ 4 KB
4 KB 76ms
75ms Other
image/x-icon 66.187.193.68
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://z54y-6yqs.semerudiscovery.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.68 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

15ef4efb4ab43fa39fda5ad4a1b44381278da9d3cced7652fef6520e37535d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://z54y-6yqs.semerudiscovery.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:04:09 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Nov 2021 15:07:54 GMT
server: nginx
etag: "618d31ca-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc

Domain: oss118.oss-accelerate.aliyuncs.com
URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 05:08:42	Name: HMACCOUNT_BFESS Value: F40D3BF0D4948745

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://z54y-6yqs.semerudiscovery.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://z54y-6yqs.semerudiscovery.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1325tp.com
5698tp.com
6399tp.com
9216tp.com
9323tp.cc
9831tc.com
c7575tp.com
c8932888tp.com
imagedelivery.net
images.weserv.nl
img.chkaja.com
img.ooo-09.ltd
img10.chkaja.com
img11.chkaja.com
oss118.oss-accelerate.aliyuncs.com
pjkbv034cbdft6qwd.com
pppmmm.tututufafafa.com
s1x3d.mexicorecreation.com
tong--ji.discount-micro.com
tupain2.baitu4lliltvmwelqubyqm.com
tutu.facaiimage.com
v.tu05v46466.ltd
www.3400tupian.com
www.7859888tp.com
www.8122888tp.com
www.9129666tp.com
www.gggttt888.com
x01-49z.discount-micro.com
z4a.net
z54y-6yqs.semerudiscovery.com
ztwyqsgdh.dglietou.com
oss118.oss-accelerate.aliyuncs.com
104.18.2.36
104.21.234.187
104.21.234.235
104.21.235.37
104.21.235.38
107.148.194.12
107.148.195.241
134.195.197.167
134.195.197.62
137.175.69.133
142.4.127.78
149.104.32.243
172.67.155.86
172.67.156.5
172.67.178.87
172.67.199.210
192.74.227.226
192.74.232.140
192.74.245.123
198.2.195.83
198.2.204.100
198.2.209.177
198.204.238.227
199.180.100.129
2600:9000:2209:d800:14:1855:3780:93a1
2606:4700:3038::6815:eaea
38.145.218.136
46.253.6.155
66.187.192.172
66.187.193.68
01fba89e81cfb0d43eb6493527805b3c3f27542c84e01a1248d8b86a7a2ce6c7
0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095
079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f
07f1155d221c173368f9664a6f9b5694327020f336f8e9d2db4bbeae6d3f9d7d
0b9ddf988a8320200b6b618aa65eec4a4df40438c9a385b7bea7bd1630e5618a
0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74
0e5657cc2ec3ecac3778320c237fddff1088d196dd598f11cef88d7af6ba9d02
0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe
1104e712e03efa5a2d26d91c4a5e9c4520565ab74502e2cec9f8bb95331907c1
15ef4efb4ab43fa39fda5ad4a1b44381278da9d3cced7652fef6520e37535d88
1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e
1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df
1c2b321436b5c522dba68fc956062153ff87867c777f434d2f2b75c575c91661
2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a
2c38ff94e9acc4d3c3e7c23f8b3e77928735ccb963b7852845c1897e1cb8397f
3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca
375df959b600f852811683d290fa3cb6e90cedf389ff9cb277b804ff5f68b4dd
37819646264a5a312285098c6f10efd89b050abc62f4faad27888fb001855fc4
379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66
38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d
3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e
3e6efe0815c9ea5b4502dd6c714ad9b2d6a191c7ca9b6bb15da50201f744edaf
4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186
52b8837323d9374394d291385c18083fd0cc772fe019fea172d2c3176d2ae1fd
5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671
5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e
618e8d0e1af3c701b02c897b1353c8c026a785e97eb4f76647342a1c98e32d3a
66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e
670dc3bdc0213b1023bed982cba997a4b219a46642c97d7b51424a5647b02d09
6827fad733b3b1ae8c84f554c4cdcfafcf5d80f9e81886f587390eac72cbf5a3
6ad6a5b9d23c162842eacf0792adb7651d8b232d321207de3bfb0b62dc830864
6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11
6cd8f1af5a0fbf8ad900df3c173f1738929b115a84245b71c945f193d298df2f
7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125
789fecee97496327e0a92bba6935a848b6b48abbe5b60296d7de8a5aa0bddc73
7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f
7c2e91e0c01dedc90326bb79e88f933ddec44c0404cdb8975500eb206bba4dc5
7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a
7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34
93c462ff86304122941c8587eddf51f3dd58f84b7660e6df58d4432768a9881b
9ad7f8d84ca78884cc819bffdbdbd4f9d9c3c9add8a4a91e5e54a6aa6590bddb
9f47cb14e759d2e75e90c421e6f382626c3978cc676b5ec9ff792ae7d09e331a
a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9
a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef
ab2cd080a261ee4c75d7677666efcbd3496ab2e3d3595122ff3b98dc9e51cdd5
ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a
aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc
b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8
b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae
b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d
b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409
b74753e038b1e7455a308bc79112beb7615f6b853ae5ffb6bf88e92b81ccc997
b7efb321f18d47784d0acc92b8b29c7f5444f18874f9d28c4fde985f9d488d7a
c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1
c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5
c45b2b4feb9fee119048ed9262fe42e7633ed8dbc19442e1cef173afd41b33bb
c95eb8a826fb9a101d03b69f2cd6abd2dd58e3298771f9274eabfee620ee7002
d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f
d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6
d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5
d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558
d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547
daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2
dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd
dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583
dce826e006580a87880617fa0f71161975fcc4d5a9839c868e11613fd5820fc7
dfcb757c7bfe5360d79c7e57f83d43e22d2e1d934c1313abfc26f899643edbcd
e1f74045632ee290caf59fb945c1dbd1ef7431e05863c71c4ea05c3800654d40
e4cc67588b583296adfce78f7999d1395eff290ecf1125a76bcab7f09ada2065
faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

z54y-6yqs.semerudiscovery.com Open in urlscan Pro 66.187.193.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

257 Requests

85 %HTTPS

7 %IPv6

28 Domains

31 Subdomains

31 IPs

4 Countries

64827 kBTransfer

64880 kBSize

1 Cookies

1 Outgoing links

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

z54y-6yqs.semerudiscovery.com Open in urlscan Pro
66.187.193.68 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

85 %
HTTPS

7 %
IPv6

28
Domains

31
Subdomains

31
IPs

4
Countries

64827 kB
Transfer

64880 kB
Size

1
Cookies

257 HTTP transactions
0 data transactions