semidesru.com
2606:4700:3032::6815:5760  Malicious Activity! Public Scan

Submitted URL: http://nxqet.d9betlink.co/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Effective URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=142744...
Submission: On December 02 via manual from PH — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3032::6815:5760, located in and belongs to . The main domain is semidesru.com.
TLS certificate: Issued by GTS CA 1P5 on November 6th 2023. Valid for: 3 months.
This is the only time semidesru.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

Requests | Domain | Requested by
19 | semidesru.com (2 redirects) | jinxmux.com, semidesru.com
3 | ka-f.fontawesome.com | kit.fontawesome.com
2 | beacon.semidesru.com | semidesru.com
2 | nxqet.d9betlink.co | nxqet.d9betlink.co
1 | fonts.googleapis.com | semidesru.com
1 | kit.fontawesome.com | semidesru.com
1 | rhapsodji.com (1 redirects) |
1 | jinxmux.com | nxqet.d9betlink.co
0 | beacon2.profiledatasolutions.com (Failed) | semidesru.com
0 | virtualpushplatform.com (Failed) | semidesru.com
31 10

This site contains no links.

Subject | Issuer | Validity | Valid
jinxmux.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-20 - 2024-09-19 | a year
semidesru.com | GTS CA 1P5 | 2023-11-06 - 2024-02-04 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
ka-f.fontawesome.com | GTS CA 1P5 | 2023-11-08 - 2024-02-06 | 3 months
beacon.semidesru.com | R3 | 2023-11-14 - 2024-02-12 | 3 months

This page contains 1 frames:

Primary Page: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Frame ID: 5A7FE65992EFEA7C514B8BDB8EF4463E
Requests: 30 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

Requests: 31
HTTPS: 81 %
IPv6: 56 %
Domains: 8
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 464 kB
Size: 1619 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nxqet.d9betlink.co/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13 Page URL
  2. http://nxqet.d9betlink.co/t/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13 Page URL
  3. https://jinxmux.com/100835e9e4f5594e000/13/224-1895/14430-234305-7722 Page URL
  4. https://rhapsodji.com/r/6c6b8c37-e224-42e0-9ef8-427f8610b47c/473183/1427446290/13 HTTP 302
    https://semidesru.com/sf/tpl40?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290 HTTP 301
    http://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290 HTTP 301
    https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
nxqet.d9betlink.co/
458 B
710 B
Document
General
Full URL
http://nxqet.d9betlink.co/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Protocol
HTTP/1.1
Server
185.246.86.158 , France, ASN21409 (IKOULA, FR),
Reverse DNS
frhb79935ds.ikexpress.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Dec 2023 22:55:27 GMT
X-Address
gin_throttle_mw_360000000000_38.132.118.77
X-Ratelimit-Limit
10
X-Ratelimit-Remaining
9
X-Ratelimit-Reset
1701561327
4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
nxqet.d9betlink.co/t/
264 B
516 B
Document
General
Full URL
http://nxqet.d9betlink.co/t/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Requested by
Host: nxqet.d9betlink.co
URL: http://nxqet.d9betlink.co/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Protocol
HTTP/1.1
Server
185.246.86.158 , France, ASN21409 (IKOULA, FR),
Reverse DNS
frhb79935ds.ikexpress.com
Software
/
Resource Hash
9bd5da9f6c115b66ea9e0d417d037c0a87e74c9cfe6d4dac19e5134ea3826545

Request headers

Referer
http://nxqet.d9betlink.co/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
264
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Dec 2023 22:55:29 GMT
X-Address
gin_throttle_mw_360000000000_38.132.118.77
X-Ratelimit-Limit
10
X-Ratelimit-Remaining
8
X-Ratelimit-Reset
1701561327
14430-234305-7722
jinxmux.com/100835e9e4f5594e000/13/224-1895/
144 B
438 B
Document
General
Full URL
https://jinxmux.com/100835e9e4f5594e000/13/224-1895/14430-234305-7722
Requested by
Host: nxqet.d9betlink.co
URL: http://nxqet.d9betlink.co/t/4TwQej1895DZbZ224lsxysoluly14430FVNWLFGECWTTRIS234305TDRA7722i13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.140.54.135 Kyiv, Ukraine, ASN200514 (KNOWNSRV, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://nxqet.d9betlink.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
144
Content-Type
text/html; charset=UTF-8
Date
Sat, 02 Dec 2023 22:55:33 GMT
Server
Apache
Primary Request /
semidesru.com/sf/tpl40/
Redirect Chain
  • https://rhapsodji.com/r/6c6b8c37-e224-42e0-9ef8-427f8610b47c/473183/1427446290/13
  • https://semidesru.com/sf/tpl40?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
  • http://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
  • https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
47 KB
14 KB
Document
General
Full URL
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Requested by
Host: jinxmux.com
URL: https://jinxmux.com/100835e9e4f5594e000/13/224-1895/14430-234305-7722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
edba09b37f92791a1a25e88dc48f763937290e608e00ae4f4a05571c4d0c5b7f

Request headers

Referer
https://jinxmux.com/100835e9e4f5594e000/13/224-1895/14430-234305-7722
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82f728813d9409ea-MIA
content-encoding
br
content-type
text/html
date
Sat, 02 Dec 2023 22:55:34 GMT
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqto6oagFbG8qih3lAI9AAjJmhHXktw2Vq8%2Ffg06LDzWdQFnA9BB57c9mAHbPGby7%2BhfnzCu%2BDmtM%2FqFjXcQMDTqXcAwAYrs%2Fkz%2FkxnmV2kSm0sU64xM2%2BtAfTwziyOjKF0NrCVG9WWbu04R"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex

Redirect headers

CF-RAY
82f72880eb33495a-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 02 Dec 2023 22:55:34 GMT
Expires
Sat, 02 Dec 2023 23:55:34 GMT
Location
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhmgsGvCY9NkRTAhRRiYFBn5sAxd5cL3ld7AVqkah1vUptdLuExViTmq8xGLU%2BtW0fCxuI3JyAXu9ud8SLp5xwZ9ECk9TbJ8Av0U%2F43u7no5KN2de6murNaXHJVn1Dzt%2FqzKT%2FzJBH%2BF87er"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
268a7048dd.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
7
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
82f72882decb0a16-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5yEZIHnVxL1urJpHA_C
bundle.ee569e5589d457589980.css
semidesru.com/sf/tpl40/
96 KB
19 KB
Stylesheet
General
Full URL
https://semidesru.com/sf/tpl40/bundle.ee569e5589d457589980.css?t=1701254477189
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b3214f8f7ed43389eb7210cd97475bea937963b740f9e34ec9416f3027ce419e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20286
etag
W/"65671577-17f67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qqok2WV%2FGnGSjoJsvZQd0YMIYoP7IEuYWOoFlbglKXTG3PdFW26vmuea%2FqYJZ1f3kaDwzJ0gy43mzgAEC42GGmBGD5q%2FfuHm8bKJRbIBYWewvQ4CxBJKN%2B0bQqn8YD2j%2Fxbe%2FRdsfKXwt22R"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
82f728826aff7472-MIA
alt-svc
h3=":443"; ma=86400
expires
Sun, 01 Dec 2024 17:17:11 GMT
us.png
semidesru.com/sf/tpl40/public/
11 KB
12 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/us.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cc843ed770419b304f172cb3e3e6181a3000ff813f5e5768d373cc2973f1ab13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20286
alt-svc
h3=":443"; ma=86400
content-length
11684
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-2da4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ficb28SuYKBr6VNFrXzWaickaE5E6WbUiKeC%2B5LghaQnqUnUOTokg8S9wom1rqLBZ6ndu49rGXoXsGSBY5sYteYii4Hh9Z9ld%2FhfPhm9hFeFpFLjQmus66T%2BdBoIPYS5zuwSla3zHnzAMwk%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728826b027472-MIA
expires
Sun, 01 Dec 2024 17:17:11 GMT
harbor_freight.png
semidesru.com/sf/tpl40/public/
28 KB
29 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/harbor_freight.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec8133acf0ff012b93ad0e593ff466b94c5609bf3cd54122fb5ac9f572af555

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20282
alt-svc
h3=":443"; ma=86400
content-length
28806
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-7086"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CkhUO33SbNN7d3mmlQLnsHOzfBGK77NiTW8WAg9%2B08i0NRHHsJO4F7iGy4NueMUwROz%2F9yMOLoM7vqm%2BimCk%2BkTMSdu%2F9JdoXWEsVmA6c%2FuTEA8JBbkaiNAVaxHYKW8WKGuEzZ8E3t88GTD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728826b037472-MIA
expires
Sun, 01 Dec 2024 17:17:16 GMT
1.png
semidesru.com/sf/tpl40/public/
1 KB
2 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/1.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
1385
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM42uh9Mn7fW%2FvebkWSITHmptGaJ6dU5ut2%2Btd0JMFn7BHSvQ6qWk5R124M4GriWva5%2Bpyhe6CBSEnUWs%2F7UEGdcaRbyBwKanbg4jNG%2BAnTyizgKvk%2BeziH%2BCpvuI8s8PXkvryRJcZwcnYki"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b3c7472-MIA
expires
Sun, 01 Dec 2024 17:24:07 GMT
vicon.png
semidesru.com/sf/tpl40/public/
8 KB
8 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/vicon.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
8047
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-1f6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2UqvgSXoUDAvBc8%2BT2KnKikBb5Uoq%2Bcad4PSIBRliZyQm0UFt77KQ3CIYmbTqNhH7VpwvE3ZW9xCqwt19GKnYyhhhxzNbGrybnEZlvzRMhxxpR8%2FEMehFVSn5QvTJWvQS4wg4KF44MFbuws"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b3e7472-MIA
expires
Sun, 01 Dec 2024 17:24:07 GMT
rate.png
semidesru.com/sf/tpl40/public/
2 KB
2 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/rate.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
01244be753151d3f79f3fcb8ee8890e0f1f0c4a7c973381055211ac08fcea5e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19869
alt-svc
h3=":443"; ma=86400
content-length
1865
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-749"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDsLkLf08NsHML6bfWxkqvXz0P0WdOcAhjuy%2B4zvdMkpWSOGB8H3z6ypHJQqZ0Gdabw8cZItp1qOuSoJxAzcZoNMgWnTuwV1O8stffQUcKc1AA8yPWm0P25%2BDhhAe5FfzsXNLKxw53W%2Ba2cs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b407472-MIA
expires
Sun, 01 Dec 2024 17:24:09 GMT
like.png
semidesru.com/sf/tpl40/public/
574 B
1 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/like.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0558b5f0fc535b095184427608371bc64d258f7016b31158795ac5a9d1af7d4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
976290
alt-svc
h3=":443"; ma=86400
content-length
574
last-modified
Tue, 21 Nov 2023 14:06:49 GMT
server
cloudflare
etag
"655cb979-23e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAu07c3nZHhG%2FAA%2B5U0rCUAGY%2Fp%2B%2BMkS4ZKcYsAbI7U9Ppax58NxXpYNJEDM%2BYazwzuO6vSE85ONTxAJVi91icCtd8JMt3dpnBLCLQ9BqmAu1by3UpMAOS%2BOsTTldMtIqBnhhbrtgJMsCU1u"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b4f7472-MIA
expires
Wed, 20 Nov 2024 15:43:59 GMT
4.png
semidesru.com/sf/tpl40/public/
1 KB
2 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/4.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
1120
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-460"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bn21RrBeRuYqKg8uqdWfNyHTdwAnuzr3Bey5F0mlTFxSZXnscdN%2FkDWVJJVsZRmUwkbia5BXCPaz6zA70MfH1ynRXK0f5jkB9Byc7IfRT6vchlM%2BnyYPVWJ0lwYxTgvZzbL5sE1zvrdBrf%2BW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b537472-MIA
expires
Sun, 01 Dec 2024 17:24:08 GMT
haha.png
semidesru.com/sf/tpl40/public/
652 B
1 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/haha.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1c3f998326b59f462d9ae5bb12a05383666fd45daea3b718762b9fc584f281

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
652
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-28c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BePwz9UfsYvLrzd8QoeVt38BTXvJuoHitY8Yl05Tpyk9QcMfEaC2SZIdg9p%2Ft1dspghVbb1mLSlUYWQiFfKRP1ngjHBrB7%2B1Lc5GkcyfWx%2Bd3bPMct4Jl6E1w8r42l3dN09T4claKgAfzSt1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b587472-MIA
expires
Sun, 01 Dec 2024 17:24:08 GMT
3.png
semidesru.com/sf/tpl40/public/
1 KB
2 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/3.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-577"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwdfeYkukS%2FLA%2BTaI%2Fkf1CJVwkkRQ9dQ4%2FICBODvffvGfrPpYsCpwsRLXOcLrSj0hSzY5HnMyQks5HEUxGOo9Tv1lpMQ5SBF7vJ95O5upWo8uDtTwJZpevOjbSV67I3rlpUWLvd5bnVfJkBU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b5d7472-MIA
expires
Sun, 01 Dec 2024 17:24:08 GMT
heart.png
semidesru.com/sf/tpl40/public/
637 B
1 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/heart.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3594c88229ba8f2c6d6e982669d4711e4a036affcde2b3251c4df991c315d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19870
alt-svc
h3=":443"; ma=86400
content-length
637
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-27d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Nbq50Z68fQLuyjkMb%2F13H2NK5f7B72qMI2NKNC73bP1Vv1cxjCwQbEeXhx5I0QONoIow5ls5ZkV4MGbiWb79bZ7lKW4M%2BcFx0ZENhZM3ZBH247MDWqFRRtkQ9JMHlrfFzgART1AFrWmTo7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b5f7472-MIA
expires
Sun, 01 Dec 2024 17:24:08 GMT
visas.png
semidesru.com/sf/tpl40/public/
4 KB
4 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/visas.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19869
alt-svc
h3=":443"; ma=86400
content-length
3947
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
server
cloudflare
etag
"65671577-f6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuO2fQVK3r6vI4hYE9nubwR3R7uk%2Bqm3gwRrybfoEIslyC2JgvnZPQzROoj%2FCYJnfghj29mOvXy3kaKg0mC8COkHV%2BK%2FBQFCGc7WEnnXN6wJrGirMd4%2BmMRSuXG0i%2FTRv%2FYvfcPRUKgJ3Soi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f728827b627472-MIA
expires
Sun, 01 Dec 2024 17:24:09 GMT
email-decode.min.js
semidesru.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://semidesru.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65660ffd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hesHcMIdW5DqEbt9rDR2vCNLHy5%2F26UE5xCNfkt4cC8f8LsPjTEtCovyE0u86SdwLot4EKDNIRKwGwoIPdWJnldUyJgjLxTDFyxKxrDz7JKsmrEPwrgbL07UZVLttnluQDPwzR%2FgZioa4CSY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82f728827b417472-MIA
expires
Mon, 04 Dec 2023 22:55:34 GMT
12.367db3ae.chunk.js
semidesru.com/sf/tpl40/js/
390 KB
126 KB
Script
General
Full URL
https://semidesru.com/sf/tpl40/js/12.367db3ae.chunk.js
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d67d75bba444a91bb1d38790a8778e2304f2e324c62364bc5e23b26b9518204e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20286
etag
W/"65671577-616be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OOI94OYA5k40MCBJyDnvEtIi3df%2Biw6vpJdMWscCMKEzStU%2F5DYhvMCusmQFtVP3nVyxcMdw8Xv0q5oLjSRdVZPHPz1iBT1o4Wal9satPbq7vaAV9TS4MgeYl%2B3P6zt65Fht5mAPjNbxyZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82f728827b437472-MIA
alt-svc
h3=":443"; ma=86400
expires
Sun, 01 Dec 2024 17:17:11 GMT
app.9cb6b331.js
semidesru.com/sf/tpl40/js/
855 KB
144 KB
Script
General
Full URL
https://semidesru.com/sf/tpl40/js/app.9cb6b331.js
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aa8442498cead700ff515f8e70a8ee4f46fd1e1427862bec9ac642743544a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/?logo=214w&item=QN0J&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f&hpcid=1427446290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 10:41:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20286
etag
W/"65671577-d5ab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVjqFQY5GANJ3rwzuP6zhY63dzs3ZHg2S6bQEyUfH3aWA8Uy1ZkNqD2wImLYV3u9DV28kEQI3TVdF2VdGbdI9x5cGZhuM4PalWa8gwzQlxaMMX7LHwQ%2FYFaXk1zU0LCMLd%2BopqynLi9hjZPn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82f728827b497472-MIA
alt-svc
h3=":443"; ma=86400
expires
Sun, 01 Dec 2024 17:17:11 GMT
css2
fonts.googleapis.com/
2 KB
848 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/bundle.ee569e5589d457589980.css?t=1701254477189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c09::5f -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 22:21:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 22:55:34 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
via
1.1 cebfdc6d2f4a814559743884c0ccf616.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
20911
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ48TB6dvHPpnCIxtBmkmpnYjmJiIhA53Mm8%2FvPJfflDO02%2FyQPO77%2BXB%2BCi7PwxIvUFCaIMvMubjrCEl%2BCh0MPcBqA142gSWCB9PEJ%2FfiIWczUwbjlkqRH098PQEGKctLIXREBWQhLaGT9gTyMHe7cQaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82f728839c7e09ba-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
O-3alrFAcPSsOyDV2I1M0jIaeRC2psHNcmuZVmP5Nz5OrCQcmTIZKQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
via
1.1 d7db6b9cdf796f6ea0cdbe5b3a75c84a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
20911
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kAPHj1LeuiqQdRYOVN8hZ24UDMfrfjTZH1TIw5UxUUqlzwAIiDR8FSBMEY2in%2Bopl1DAC7Y%2B5WJoeuYRAMDMvAdeqMOGcXTGSYl2BKYgxMJPDQnC8D6sg8AF150Zqn4hmFNnZSeL2d9MldGueAYfFIOsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82f728839c7d09ba-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6wEI0dYpN0a22i4z5kTOjupDYdFuIxqz5Lc12n-IG1FFEflDCYN62w==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
via
1.1 221c16f6368b9673111421e368023144.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
20911
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Frr8L3Q3BGaoCWhHA%2FtoHB%2FOLtg%2B3Zl3mSxOdkPosKVwVfzxLXlQWqRzMCnWb2v%2FMFvk6ajVKmXCVN9djpeJFhttL%2BuM0quKr7ioZ%2BTzbIxwCfinrChmVoSXsvYIE9HIRydg1VW%2FLWHxYUYv8h4LCrjcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82f728839c7c09ba-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fdoiHr9YoFbWSf0kThpBvP2x92ZKRmYbxlfDO1V0_3gQ1EeTWJWurw==
ace-push.js
virtualpushplatform.com/
0
0

walmartv3.png
semidesru.com/sf/tpl40/public/
69 KB
70 KB
Image
General
Full URL
https://semidesru.com/sf/tpl40/public/walmartv3.png
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/bundle.ee569e5589d457589980.css?t=1701254477189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5760 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
17af54a6c3ee0e09f3d95e6832b43ec4dabf95c6b5f4a64986e21f01f7998004

Request headers

accept-language
en-US,en;q=0.9
Referer
https://semidesru.com/sf/tpl40/bundle.ee569e5589d457589980.css?t=1701254477189
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
969645
alt-svc
h3=":443"; ma=86400
content-length
70773
last-modified
Tue, 21 Nov 2023 14:06:49 GMT
server
cloudflare
etag
"655cb979-11475"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbnoUyCizzApk52Ydl2GxHstJteB5M%2BboWa6ftUlvE2AMT04jIHh%2F%2BNkdDUiCDt%2FCKZl9ojWy7dNr98pRcyyYh3r1F%2Bfq5QiVq0ofm%2B1HC5nrE%2BlxK6IbyYdCee1E61mVNkY1tgjSOlEnDmi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82f72884af8b7472-MIA
expires
Wed, 20 Nov 2024 17:34:45 GMT
summary
beacon.semidesru.com/geo/
128 B
583 B
XHR
General
Full URL
https://beacon.semidesru.com/geo/summary
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/js/12.367db3ae.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
30e1a7dcc02f0d55bda0db72d1d6fe2489c3fff4ad861bbd3b0150f1b7abc319
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://semidesru.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
8d2bf684-a4ef-4694-8295-66b74d90b48d
beacon.semidesru.com/g/
113 B
583 B
XHR
General
Full URL
https://beacon.semidesru.com/g/8d2bf684-a4ef-4694-8295-66b74d90b48d?logo=walmartv3&hpcid=1427446290&item=QN0J&logo=214w&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f
Requested by
Host: semidesru.com
URL: https://semidesru.com/sf/tpl40/js/12.367db3ae.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
2c6b85bf41efd08978b22659f143f1c534827ba755c26be4f82aa658d8dc12ec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://semidesru.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:55:34 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
lastActivity
beacon2.profiledatasolutions.com/an/
0
0

fe02ca4b-c933-4797-b1ea-a6969f51e9a9
beacon.semidesru.com/s/
0
0

fe02ca4b-c933-4797-b1ea-a6969f51e9a9
beacon.semidesru.com/s/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
virtualpushplatform.com
URL
https://virtualpushplatform.com/ace-push.js
Domain
beacon2.profiledatasolutions.com
URL
https://beacon2.profiledatasolutions.com/an/lastActivity?id=1427446290
Domain
beacon.semidesru.com
URL
https://beacon.semidesru.com/s/fe02ca4b-c933-4797-b1ea-a6969f51e9a9?requestid=WN5mXlg1-n&destinationid=3242112490&hpcid=1427446290&item=QN0J&logo=214w&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f
Domain
beacon.semidesru.com
URL
https://beacon.semidesru.com/s/fe02ca4b-c933-4797-b1ea-a6969f51e9a9?requestid=WN5mXlg1-n&destinationid=3242112490&hpcid=1427446290&item=QN0J&logo=214w&sub1=473183&sub3=2c23d861-c639-4476-8523-b154e6a1a24f

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
jinxmux.com/ Name: uid26604
Value: 1427446290-20231202165533-8afa350a13f6422a7d8358ada7ede90b-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
