y7a5c5.com Open in urlscan Pro
104.18.42.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://send-flowers-first.com/
Effective URL:
https://y7a5c5.com/main?ch=40627
Submission: On December 11 via api (December 11th 2024, 10:02:33 am UTC) from BE — Scanned from IL

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 49 HTTP transactions. The main IP is 104.18.42.115, located in and belongs to CLOUDFLARENET, US. The main domain is y7a5c5.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.

This is the only time y7a5c5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.48.1 104.21.48.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	104.18.42.115 104.18.42.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.36.137 104.18.36.137	() ()
49	6

1 104.21.48.1 (None, )

ASN13335 (CLOUDFLARENET, US)

send-flowers-first.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.18.42.115 (None, )

ASN13335 (CLOUDFLARENET, US)

r8m2n7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
y7a5c5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.137 (None, )

ASN- ()

api.ycyd123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	r8m2n7.com r8m2n7.com	263 KB
17	y7a5c5.com y7a5c5.com	894 KB
4	ycyd123.com api.ycyd123.com	582 B
4	cloudflare.com 1 redirects cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 challenges.cloudflare.com — Cisco Umbrella Rank: 3147	119 KB
1	send-flowers-first.com send-flowers-first.com	792 B
49	5

	Domain	Requested by
19	r8m2n7.com	send-flowers-first.com r8m2n7.com
17	y7a5c5.com	r8m2n7.com y7a5c5.com
4	api.ycyd123.com	y7a5c5.com
2	challenges.cloudflare.com	1 redirects y7a5c5.com
2	cdnjs.cloudflare.com	y7a5c5.com cdnjs.cloudflare.com
1	send-flowers-first.com
49	6

This site contains no links.

Subject Issuer	Validity	Valid
send-flowers-first.com WE1	`2024-12-07` - `2025-03-07`	3 months	crt.sh
r8m2n7.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
y7a5c5.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
ycyd123.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://y7a5c5.com/main?ch=40627
Frame ID: 1851A9AFBC8712831783259E85D2270A
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://send-flowers-first.com/ Page URL
https://r8m2n7.com/?ch=40627 Page URL
https://y7a5c5.com/main?ch=40627 Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

49
Requests

88 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

1277 kB
Transfer

4165 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://send-flowers-first.com/ Page URL
https://r8m2n7.com/?ch=40627 Page URL
https://y7a5c5.com/main?ch=40627 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
send-flowers-first.com/ 242 B
792 B 679ms
345ms Document
text/html 104.21.48.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://send-flowers-first.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a3b6078f7b53aa239f595b0899bea095b3bab550566e827f7da1add470a553

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f04a37de8ddc22f-TLV
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 11 Dec 2024 10:02:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fxfu0l6Wt5%2BZUcK2OTDiBZcMXpyHPXjwtj2yR4FzCvxr6XCA6jeab%2BFDpoIJyNSRdV%2F%2FUKsQXT1hzelv9YyD6DpOw2Zpj2OSYoYmdZ7SPA7e%2F1cFbY1ZpjSxjIwLQOU8vIaZ%2F9gVgRB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=4905&min_rtt=4731&rtt_var=1283&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4336&recv_bytes=2297&delivery_rate=697976&cwnd=253&unsent_bytes=0&cid=9150f2a417c0330d&ts=497&x=0"
vary: Accept-Encoding

GET
H2 200 / Show response
r8m2n7.com/ 5 KB
3 KB 1209ms
656ms Document
text/html 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r8m2n7.com/?ch=40627
Requested by: Host: send-flowers-first.com
URL: https://send-flowers-first.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Nuxt
Resource Hash: 2cfe37d3063ac6d84100d02c34cb6cff8b388ce2fac28f21643ea331170fd05f

Request headers

Referer: https://send-flowers-first.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8f04a385492e7d9a-TLV
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 11 Dec 2024 10:02:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbTtWQyPls6iGf78qE1HYNPayZ%2B4Vi8o32IOoH8HWSZzjjicHpMMZsdy6JAJCgDdZnogxLrJkr5YfmKN%2Fz19BZf9A4WndC6wG4jQ5Iv%2FuxT4zuD3ZeCEGWEZFPha"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=846&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2363&delivery_rate=994082&cwnd=35&unsent_bytes=0&cid=c103af7d11bf8836&ts=697&x=0"
vary: Accept-Encoding
x-powered-by: Nuxt

GET
H2 200 Cu0HX_AA.js Show response
r8m2n7.com/_nuxt/ 96 KB
40 KB 175ms
128ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/Cu0HX_AA.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"d4c4f32e8934c0d86765ba10d777675a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qG4rL%2Bb8EHTnumifhPayXZAia2tyK4Ut4%2FULdS%2FURe1BDorB9rbm681UzRu1sKREZWBqlYrdhce8eFof145mit74TlfGJkdE8BDcMzRow%2BXoPAhUeloikUfBlBKD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2eeb7d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=277&sent=34&recv=20&lost=0&retrans=0&sent_bytes=21762&recv_bytes=3033&delivery_rate=1592482&cwnd=40&unsent_bytes=0&cid=c103af7d11bf8836&ts=933&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 YEsMPfrR-legacy.js Show response
r8m2n7.com/_nuxt/ 89 KB
36 KB 157ms
111ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/YEsMPfrR-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"43743563a28103bcae897aac89c4dc0b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uS2E586tbUBpxUO1y9jdhhEEUYx74l%2FMX4ha3DSN%2ByCbnNq8XCxLzlCAUe3e24KCn7ezNQWDZs4gugD5lOxnO5olhecFl3%2B5%2Fa9Sc8YYv4oAMIUJKq53TJyJn%2F1W"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2eed7d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=277&sent=18&recv=20&lost=0&retrans=0&sent_bytes=6825&recv_bytes=3033&delivery_rate=1592482&cwnd=40&unsent_bytes=0&cid=c103af7d11bf8836&ts=932&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 BpHzTSm_-legacy.js Show response
r8m2n7.com/_nuxt/ 154 KB
58 KB 324ms
278ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/BpHzTSm_-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"cd86f65c2a8137dd2269402bdd8e7a7d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fM7LV6lkDiwz4u5p7kyl5M3gHvJeZH1gjlXABeU7T4Hl8gEOB6xF8Wn3kgRswL%2BF20cFfSvxN2qct3rDPsiGpyFcygSHr8wXi8Hi2%2FD%2F4JwILAlMLCeLRkpMinEz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2ef17d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=277&sent=58&recv=20&lost=0&retrans=0&sent_bytes=45132&recv_bytes=3033&delivery_rate=1592482&cwnd=40&unsent_bytes=41216&cid=c103af7d11bf8836&ts=936&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 aICu0AXk.js Show response
r8m2n7.com/_nuxt/ 158 KB
61 KB 326ms
280ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/aICu0AXk.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"0efb6bcd72325523035fd3c025350f4d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3gn%2F7tuAZtCWUrsHNfxGF1PoWVMT94N%2BGyiMFhawVMgEvB8pElgwfzwjLMnnvh%2F%2FaEBQ5Mt1jpyZF6S%2BbNO39mDE8RUv6BgRdNTnzF7F2wB0HxJMeIkhu4xEnBx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2ef47d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3978&min_rtt=3887&rtt_var=94&sent=78&recv=26&lost=0&retrans=0&sent_bytes=70892&recv_bytes=3033&delivery_rate=4708247&cwnd=56&unsent_bytes=15456&cid=c103af7d11bf8836&ts=937&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 GGfah0dn.js Show response
r8m2n7.com/_nuxt/ 20 KB
10 KB 261ms
216ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/GGfah0dn.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"32a4be07fb364257203ad81af7542c3c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhxwdE9qW3ASlzQ8GrdcUhvR%2F0aiiQJYAHpTbpGMBlAphk8%2BIKEVNLC4ZsWBu%2F3f1vg4scs39wXfjQr8V91dlYHqdE2%2FpZ3dj%2Fa7HCs9A8tEhHXyTVm4CLVPghhe"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2ef57d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=277&sent=58&recv=20&lost=0&retrans=0&sent_bytes=45132&recv_bytes=3033&delivery_rate=1592482&cwnd=40&unsent_bytes=4631&cid=c103af7d11bf8836&ts=934&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 CMQg-MuX.js Show response
r8m2n7.com/_nuxt/ 13 KB
6 KB 377ms
331ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/CMQg-MuX.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"965c5a65ddd194e1510fd4c3894b9813"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=32jPUGHsjKg6Yz880xOdIZczcK%2Fe4g%2FyG2oIiZUcBr%2FaKoca%2Feu0J%2FbzLDbGTyLTUFC7gh0bolFrHtktLUZ2K6osgRgLCLcpJtxQtdQsGvOLXIGBv28hbl7%2Bpt%2F%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2ef67d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3944&min_rtt=3887&rtt_var=50&sent=130&recv=34&lost=0&retrans=0&sent_bytes=137342&recv_bytes=3033&delivery_rate=9845213&cwnd=80&unsent_bytes=11481&cid=c103af7d11bf8836&ts=938&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Cj862xVT.js Show response
r8m2n7.com/_nuxt/ 384 B
710 B 259ms
232ms Script
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/Cj862xVT.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"46e0ad9d11e5e50d3c8c373d295a84b3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfmuWeI%2BIctD5%2B%2F79POyibRC5iECyOtnfj0A3omUGX5drhv0LUzgq86xtR8DXlYpP4vAQPCcKuNIg0kfDIHYccbN3y506zppMVqgTi%2B%2B38GSDlS9kUcNzQojcHqT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38a2ef77d9a-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3919&min_rtt=3887&rtt_var=277&sent=58&recv=20&lost=0&retrans=0&sent_bytes=45132&recv_bytes=3033&delivery_rate=1592482&cwnd=40&unsent_bytes=14658&cid=c103af7d11bf8836&ts=934&x=0"
date: Wed, 11 Dec 2024 10:02:23 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 B_Wqv3ta-legacy.js
r8m2n7.com/_nuxt/ 0
10 KB 103ms
102ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/B_Wqv3ta-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"110f248784c37700e96ac00c0a38f299"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjeOmMO0%2FuQbu6XqjfJbPad9kd%2Fc1AwJKQWVDb0tPV2%2Fsk2D2w1OMQXEZ4BSfC6gcfCY1VkVs9L7id1jlA8Mi71IrsBFDwffBTIrDJu0tm0Mw7u6p1yPCNBVCKj1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=17&recv=18&lost=0&retrans=0&sent_bytes=4381&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=750&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e6c27c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 BFfI4Gjz-legacy.js
r8m2n7.com/_nuxt/ 0
6 KB 178ms
178ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/BFfI4Gjz-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"61fe9c0e130d333d955077fc9541d8b3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dEEkZn9e0hBA%2BwgDPn%2BHaabN09dA7tPzJss79a8MsJ2V3vepMDSs6UQZPesZcPUX%2FIPTR8QuVqfJ9Ia5GGWKmyCtlVRk2Mit7NfKG6Sw4wyStvJkRmTaPwe4fyA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=763&x=1", cfExtPri, cfHdrFlush;dur=64
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c35c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 6igjDNGO-legacy.js
r8m2n7.com/_nuxt/ 0
997 B 99ms
98ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/6igjDNGO-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"fec42302af708ae628c1e1aeb479b787"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncO%2BcPNPuWt0N31AVLbQxtl%2FmZFGVaZF%2FVkK5o%2B6b7KfiiVg8b3gxBMMgcmGFossKYuM8MpqvVYibijgpySFvFSURg621Qh1GRqZQBMlYNvqwxEISbVQzvHFAVWp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=27&recv=18&lost=0&retrans=0&sent_bytes=15089&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=759&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c36c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 BzIRJCKp-legacy.js
r8m2n7.com/_nuxt/ 0
14 KB 177ms
176ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/BzIRJCKp-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"c70010cb0e49cb95d12da89b4dbe8d67"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQLoKRfmhGTggP%2BDF2j6Rpjhw9NkOc7cmYYMIwRCvuzz8JSKKS77kWysxLOOKWw5x9uPjsQPaf0RZboBib9WQpf7svwMDOCWZdvVRoMZSN3%2BPBEJpJspDX1bQWy5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=769&x=1", cfExtPri, cfHdrFlush;dur=58
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c38c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 DUbMBqg6-legacy.js
r8m2n7.com/_nuxt/ 0
5 KB 176ms
175ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/DUbMBqg6-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"d1851cc0d47d606bad6c18deb36f024c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZAdFWWPQXUuoW6Kykl2m3PuodGFUJWPbmjkCDQBOE6bFTMKyL8dObqbIur1H%2FwD3Nx%2B8LeqojgPAORZdnShRGjIYvKx3UJ%2BhncLXIchtbZCKsfKPpPNzJjBh22ih"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=765&x=1", cfExtPri, cfHdrFlush;dur=62
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c3bc233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 uso_ElAT-legacy.js
r8m2n7.com/_nuxt/ 0
3 KB 176ms
175ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/uso_ElAT-legacy.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"f9e91ff589e6ad8973be05fec6f6b176"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ihP2jHiyZzqrC%2BRCj2JcRR%2BZNsEvAAa4NiPViRGNo98S98uiJXWq5wTpybljrM2lgrjO5M1Qepb55wOI%2Bcihvc08pE2lr0Iu%2BoaRTghjt2Dpae8Xc61%2FdWxfvjk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=768&x=1", cfExtPri, cfHdrFlush;dur=59
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c3dc233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 7G5qPtoe.js
r8m2n7.com/_nuxt/ 0
4 KB 177ms
175ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/7G5qPtoe.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"0f129817c56731f9a45918be3c39a144"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MssI321c7bKovB7qQB0k5UQtMrCc8zNmlPEEVoISavLcbvwXzX9wAHc%2BVRuKVL1h4njRUQlxKvOi6bPyGkDj7p4RNXDUlvhLR%2BM5G9KBviR9PlKccwOK9Mx3Y7ow"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=768&x=1", cfExtPri, cfHdrFlush;dur=59
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c3fc233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 DBwpRuPD.js
r8m2n7.com/_nuxt/ 0
2 KB 177ms
175ms Other
application/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/DBwpRuPD.js

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"915da2f3d273ce4410ca512c13eb3c1d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XVa2BGzxj6GsheSHRg%2Fs6N2pdH5a6NBFYS6BWvxcTnCuixhIv2ei0b9K%2BcPCvKKkBcRGHMjxS1BKGzal0djtoxn78mzW5rvNAdw5qeWMa0PCAT0KrkYJNTLBx9CW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=29&recv=18&lost=0&retrans=0&sent_bytes=16133&recv_bytes=8008&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=765&x=1", cfExtPri, cfHdrFlush;dur=62
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38e7c41c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 index.DokOj3jQ.css
r8m2n7.com/_nuxt/ 494 B
974 B 130ms
130ms Stylesheet
text/css 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/index.DokOj3jQ.css

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/_nuxt/aICu0AXk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://r8m2n7.com
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"92471d573f769267c7bbed4a3016bb5e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qw1Bd%2Bzu5WACdBpr0nKCh%2F5GNx%2FqiXCV6iKAHuWdJamW6VESGPTjrbqtayjmUcroIYP%2FI2vFFV7g%2FdjVHpTAI9s5DTdWnZ9DUIFOmykzjrm3O7YGhIW2%2FvJeYAxY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77623&min_rtt=75726&rtt_var=13309&sent=30&recv=19&lost=0&retrans=0&sent_bytes=16157&recv_bytes=8462&delivery_rate=271&cwnd=12000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=803&x=1", cfExtPri, cfHdrFlush;dur=24
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38ecc95c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 6e7f7928-088e-4237-b483-dc42fa34de36.json
r8m2n7.com/_nuxt/builds/meta/ 139 B
850 B 149ms
149ms Fetch
application/json 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/_nuxt/builds/meta/6e7f7928-088e-4237-b483-dc42fa34de36.json

Requested by

Host: r8m2n7.com
URL: https://r8m2n7.com/_nuxt/aICu0AXk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"7cc41dc2b69e17da4816ba11f5fdf0dc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9OLBJS%2FnllJ%2BFNGq1EIjer9wRgQdZ8x4GWxic9tfJ%2FvGg8nww7TIgNuUAoencPfsIm4DeYOitJjp82LiXd8vjruUIPn8H4W6CmYV9xwDLKL8peIDBwU3D1MUtP6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=89044&min_rtt=75726&rtt_var=5912&sent=64&recv=32&lost=0&retrans=0&sent_bytes=52181&recv_bytes=9863&delivery_rate=117592&cwnd=24000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=940&x=1", cfExtPri, cfHdrFlush;dur=52
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38fad80c233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 favicon.ico
r8m2n7.com/ 4 KB
1 KB 139ms
139ms Other
image/vnd.microsoft.icon 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r8m2n7.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://r8m2n7.com/?ch=40627

Response headers

content-encoding: br
etag: W/"eb0ac4ca53d79290163968630addb1d5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9oZBxZvw3Bm%2BLmVJtXdHVGwh1gJtdRQ45viexb64GfiO9dqEcqxkDYfR7wq26Vh%2F7TaxrBiNB2LKDOMtBST37vPhwaJHCxY7ZsNZ930dbNsSp0SUAIWI7dGbxIri"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=89044&min_rtt=75726&rtt_var=5912&sent=64&recv=32&lost=0&retrans=0&sent_bytes=52181&recv_bytes=9863&delivery_rate=117592&cwnd=24000&unsent_bytes=0&cid=7e1876ca818fcc4e&ts=954&x=1", cfExtPri, cfHdrFlush;dur=38
date: Wed, 11 Dec 2024 10:02:24 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f04a38fbd8fc233-TLV
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Primary Request main Show response
y7a5c5.com/ 5 KB
3 KB 2527ms
1850ms Document
text/html 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/main?ch=40627
Requested by: Host: r8m2n7.com
URL: https://r8m2n7.com/_nuxt/aICu0AXk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a01dc959e08cc5b6bdd3f47878d0dc0983f2e45250a92547df9e2cfe068912

Request headers

Referer: https://r8m2n7.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-ray: 8f04a3956ad57d9a-TLV
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 11 Dec 2024 10:02:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZexdg6JZev1dlzyDV3UQJNXnT69x2m0PUr%2BjcZMnUZfd5xzqkDxkcUH3UxKLIwWH5dqU8mIIEUJODHQI95yqsVsXH0I%2Bi3xYbY102KaG0T4ocnT%2F3g73toBsEv1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=3915&min_rtt=3897&rtt_var=836&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2358&delivery_rate=990261&cwnd=35&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2012&x=0"
vary: Accept-Encoding
x-data-time: 1650ms
x-from: R2
x-r2-path: v50/index.html
x-version: v50

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 188ms
93ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 410933
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKiF%2F%2BcoDeweEQoEn6iBXHFHz6rFPvPX%2FOKNHwK0a5fHtzSs0v1cwlibTzFiFuo6ASQIqIX%2FShc%2BJWGgtvGkD7VqsFWk%2FM%2FNyX%2BrCZTX%2Fe2XlTMkDgw1uSqoXE0RLYPCdQfJdB14"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 10:02:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f04a3a21fa2c224-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 mini.js Show response
y7a5c5.com/ 466 KB
141 KB 719ms
712ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/mini.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 461ms
x-version: v50
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDtlKXli1qFqwgSvOosf1fbwoLtgvJHDoSNbSnXcvgzui%2B2IVdax8PmyTdmSIOy3t%2F97N%2BjX2d3SNGhy8qMQwguDVKvXVMD6nTDJ0ok9Y4HXdRF5omHYGE3HhjtR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18fb87d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3918&min_rtt=3860&rtt_var=22&sent=640&recv=207&lost=0&retrans=0&sent_bytes=718784&recv_bytes=2984&delivery_rate=13457162&cwnd=247&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2671&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-r2-path: v50/mini.js
server: cloudflare

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js

47 KB
16 KB

104ms
89ms

Script
application/javascript

104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H3
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f04a3a6cc1c7da1-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 10:02:28 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 Dec 2024 18:31:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/g/f9063374b04d/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 8f04a3a5fb3c7da1-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Wed, 11 Dec 2024 10:02:28 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 adAnalytics.js Show response
y7a5c5.com/ 7 KB
3 KB 479ms
473ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/adAnalytics.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 209ms
x-version: v50
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xf7L%2FW8B6HCwlHCOJv7O9RLvLU775%2FHD%2FPgs7uUVWwkc%2FNCy7koZO975CFLcAuHo2UF8p1R7M52kJeUSzjeQYbS%2BMJw5VK4vtI%2B6sQqgpxUNh5rdWBi9SDM5rsxv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18fb37d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3898&min_rtt=3861&rtt_var=23&sent=107&recv=48&lost=0&retrans=0&sent_bytes=100735&recv_bytes=2984&delivery_rate=13457162&cwnd=117&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2415&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-r2-path: v50/adAnalytics.js
server: cloudflare

GET
H2 200 reload.css
y7a5c5.com/appReload/ 4 KB
1 KB 480ms
474ms Stylesheet
text/css 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/appReload/reload.css
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 215ms
x-version: v50
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOMHDz9NvDwzvq3Eb0u91JhxGQRNDT3RdyJBA8V6rSAz61W4fGCbWuFlbuBNHq8RnHEcMO8RuupJM7eqnvZu%2BXh8%2B3VIvayCWmSYYTWi7I0ULRv8%2Bxk6ZkM0PsU7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18faf7d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3898&min_rtt=3861&rtt_var=23&sent=109&recv=48&lost=0&retrans=0&sent_bytes=101240&recv_bytes=2984&delivery_rate=13457162&cwnd=117&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2416&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-r2-path: v50/appReload/reload.css
server: cloudflare

GET
H2 200 index-Bkppl912.js Show response
y7a5c5.com/assets/ 3 MB
650 KB 302ms
297ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index-Bkppl912.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd6caac02353e3123ee7ca17f67c630cd79a19da35b2ac1273c0b7c39426395

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 190ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kkxh4lG62IrER1xtPFGbWJ3pWLrW9xAa0tepkPbs80yI4pn1HCJy1%2FaGoR31BCfe4iwl7aIWVG%2F3%2BYL%2BZk5h%2BIJRzkgeiOe2D4X7foULENvEd1Qd9zQFG1%2BRq81y"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18fb57d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3918&min_rtt=3880&rtt_var=279&sent=18&recv=20&lost=0&retrans=0&sent_bytes=7084&recv_bytes=2984&delivery_rate=1612822&cwnd=40&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2402&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-r2-path: assets/index-Bkppl912.js
server: cloudflare

GET
H2 200 index-DnaE2Ix2.css
y7a5c5.com/assets/ 257 KB
38 KB 325ms
320ms Stylesheet
text/css 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index-DnaE2Ix2.css
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725bcd6233e7b413f00c3fe37733c0a46b4e7ea60909ee331d75772e6b553d57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 202ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4jJXbhlP%2FMBkkAs8G3xtMc9eXMJIOGmnIT%2BSpp4W7bacNvf7CaCCX2%2BXM%2FWR5%2FyfcOZ8sWbclp7UY%2Fhu%2B3NkmW0RiXgI1H9uPziYT7z4D%2FcvRWye9dM36yl%2BG5H"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18fb07d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3918&min_rtt=3880&rtt_var=279&sent=34&recv=20&lost=0&retrans=0&sent_bytes=19459&recv_bytes=2984&delivery_rate=1612822&cwnd=40&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2403&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-r2-path: assets/index-DnaE2Ix2.css
server: cloudflare

GET
H2 200 version-polling.min.js Show response
y7a5c5.com/ 3 KB
2 KB 718ms
715ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/version-polling.min.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

x-data-time: 472ms
x-version: v50
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xpXyDE4xYs9O4W5TekLl5o75%2F2PmnT59Guk3qp0VD%2BHG81uBPhd12xcaobAkBMJms5GwY4ltk6Rh1GZSvV9%2FiQkyqJXs0HJJW%2BsPh5xJJ4ZxQyMrdwhmBUchRVI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f04a3a18fb67d9a-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3967&min_rtt=3860&rtt_var=51&sent=737&recv=222&lost=0&retrans=0&sent_bytes=834702&recv_bytes=2984&delivery_rate=13457162&cwnd=247&unsent_bytes=0&cid=e272fc2e75f0a790&ts=2681&x=0"
date: Wed, 11 Dec 2024 10:02:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-r2-path: v50/version-polling.min.js
server: cloudflare

GET
H3 200 index.js Show response
y7a5c5.com/appReload/ 4 KB
2 KB 332ms
330ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/appReload/index.js?v=20241103
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnyRqH8XGk1w0m%2BSdcUkC6HBx8KJA%2BDuXzg3%2FWzTqcruQ2YGRIFpKJKzEPLkIFPnIcewON%2F%2BegpGlwWwj9KEElS6Bg2MF6YsPmMZNAmuHwJeHSUPn94CxuoKEmse"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76779&min_rtt=76175&rtt_var=12504&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4255&recv_bytes=5339&delivery_rate=275&cwnd=12000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=836&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
x-data-time: 206ms
x-version: v50
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3a5191dc22c-TLV
server: cloudflare
x-r2-path: v50/appReload/index.js

GET
H3 200 webPushSdk.produce.min.2.1.6.js Show response
y7a5c5.com/ 60 KB
24 KB 337ms
334ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/webPushSdk.produce.min.2.1.6.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/main?ch=40627
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNpR5uKbpMGPsFsjFw%2B51UduVi6k%2F32gLLeAsSFd1HPYynL7f%2FgqQqNwRwnqXuzcUWES%2B6989IO2e3AkP8vsRb3BIEcH%2BbwSjFHsZedXEa6oKOnfijNd5uHVhnSs"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76779&min_rtt=76175&rtt_var=12504&sent=16&recv=12&lost=0&retrans=0&sent_bytes=6528&recv_bytes=5339&delivery_rate=275&cwnd=12000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=838&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
x-data-time: 207ms
x-version: v50
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3a52921c22c-TLV
server: cloudflare
x-r2-path: v50/webPushSdk.produce.min.2.1.6.js

HEAD
H3 200 version.js
y7a5c5.com/ 0
0 301ms
300ms Fetch
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/version.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/version-polling.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y7a5c5.com/main?ch=40627

Response headers

content-encoding: br
etag: W/"6d36ba2b8cadb0e159a416cb75a62d3d"
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aZvcUqX8clEHvhqc6Ne74tT3dO30l8s9rPQGrMCBV7%2FDosZidjDUsmyXOAS2KLWg8rBjUucaCoQaLeTV%2BG6pVYTHBqcTDCwRhEEpPNbM7MW6KnZv1%2Bma73VjUTB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77799&min_rtt=75800&rtt_var=3635&sent=39&recv=18&lost=0&retrans=0&sent_bytes=31824&recv_bytes=5597&delivery_rate=36620&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=945&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:28 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-data-time: 179ms
x-version: v50
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3a62aa9c22c-TLV
server: cloudflare
x-r2-path: v50/version.js

GET 281c1203-66eb-487b-9505-100ee140a99a
https://y7a5c5.com/ 0
0

GET fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 0
0

GET
H3 200 fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 96 KB
96 KB 96ms
96ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-17ee8"
age: 413170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kru%2BvOiSx41%2B6dEfVqhIzA2GtteDz%2BuaEgQ8PBWf4MWvghEklMyY%2BgrChx6Gm3YI1ZxQ7MNrBcvmckBWHnNQXijDUJtxtADJH%2BJptIDKqpTDht1%2FpeUCekIT2vnrb7NjV0nVIUgH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 10:02:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 11 Dec 2024 10:02:29 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f04a3ac79457da4-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98029
server: cloudflare

GET
H3 200 index-8cHp17eF.js Show response
y7a5c5.com/assets/ 1 KB
1 KB 402ms
400ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index-8cHp17eF.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268139cce70b8bb1085aeb23b454b829390f9d680ce5c974b0f37f28fc549191

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/assets/index-Bkppl912.js

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtVQc7E3rktAhNbWuISrX0imu5irS88scaMyG9tHqIJhNnhhVYSBW9p0ZtdVaMR%2BKC9hX1kbL4F8cAyXuV2muk2IWy5tdqEPMwdqI%2BpoA9UJ%2BWRpbDunCKWHzs5M"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=82258&min_rtt=75800&rtt_var=5790&sent=43&recv=28&lost=0&retrans=0&sent_bytes=33362&recv_bytes=6784&delivery_rate=49784&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=2117&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 205ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3acee62c22c-TLV
server: cloudflare
x-r2-path: assets/index-8cHp17eF.js

GET
H3 200 web-BQtwfi5r.js Show response
y7a5c5.com/assets/ 2 KB
2 KB 298ms
293ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/web-BQtwfi5r.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c93e7275433f7db4ded57b795b9f9e802738e8c16a68d274c9027353040347c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/assets/index-Bkppl912.js

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mg5YvUf1K3jOGaKzqUQ4Rj2IYlc%2BC%2FDWXmk5m3ZuWTy%2Ba3qd%2FpcMDDucPBXZYdsbyzAT6FbPk4kSKPYSO1lR%2B4QR8x3T1J%2FLkgG%2FcXckpYyP%2FLxdhcRqNSib%2Fl2M"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=85365&min_rtt=75800&rtt_var=8287&sent=48&recv=33&lost=0&retrans=0&sent_bytes=34989&recv_bytes=8217&delivery_rate=6395&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=2554&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 199ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3b01c4ec22c-TLV
server: cloudflare
x-r2-path: assets/web-BQtwfi5r.js

GET
H3 200 index9-BUmwIm98.js Show response
y7a5c5.com/assets/ 2 KB
2 KB 288ms
288ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index9-BUmwIm98.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8eaa232ec0d9643a1e2e252e0fb127faecec3f5ce5812c1b0b12daa7b13b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/assets/index-Bkppl912.js

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQ%2BFN9KuxRj2zmkX7FAGBHOi%2FYJApy391Wv3asIBsXD5xiFx8LnlyqKpq4iGxQH%2FBlJA%2BgPutRFn7syVOo5CqOBJQFrdXQSl0u%2FgRTlnJK5LRGnzJe4C0ILKEtU5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=85365&min_rtt=75800&rtt_var=8287&sent=50&recv=33&lost=0&retrans=0&sent_bytes=36799&recv_bytes=8217&delivery_rate=6395&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=2567&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 192ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3b03c76c22c-TLV
server: cloudflare
x-r2-path: assets/index9-BUmwIm98.js

GET
H3 200 pt_BR-BPfrtfZu.js Show response
y7a5c5.com/assets/ 56 KB
20 KB 282ms
281ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/pt_BR-BPfrtfZu.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110b355a55870f3c7a8e5033c874697d73b2aaa653a449748298123529a0dee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/assets/index-Bkppl912.js

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6XuwjvlcZBB6bQxbcncm14dfXSu%2FEk7jlgYhf37aleFTqUN%2FYoCvFXEr2SFUNEo1nigj8lVeoMORPwueiOPuFfmGsjEqGddo2LRR7nsdgCrl1wQyyHwQdpRoEsZ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=84699&min_rtt=75641&rtt_var=7584&sent=53&recv=35&lost=0&retrans=0&sent_bytes=38416&recv_bytes=8303&delivery_rate=11659&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=2666&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 190ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3b0dd78c22c-TLV
server: cloudflare
x-r2-path: assets/pt_BR-BPfrtfZu.js

GET
H2 405 tenant.domainInfo Show response
api.ycyd123.com/api/frontend/trpc/ 28 B
299 B 102ms
86ms Fetch
text/html 104.18.36.137

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ycyd123.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22y7a5c5.com%22%7D%7D
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.137 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization: Bearer null
sign: 28a76b9276cecd2002edad982b7463f01613e861a226e
tenantId
Referer: https://y7a5c5.com/
X-Trace-ID: NJ4PCYEF
X-Device-Type: DesktopOS
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
channelId: 40627
Client-Language
X-Tag

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray: 8f04a3bb5a22c233-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 28
date: Wed, 11 Dec 2024 10:02:31 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: *

GET
H2 405 channel.info Show response
api.ycyd123.com/api/frontend/trpc/ 28 B
283 B 104ms
86ms Fetch
text/html 104.18.36.137

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ycyd123.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A%2240627%22%2C%22tenantId%22%3A0%2C%22domain%22%3A%22y7a5c5.com%22%7D%7D
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.137 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization: Bearer null
sign: 93c386ebcf018b08ceb7b4b34863a648e315e87ec519
tenantId
Referer: https://y7a5c5.com/
X-Trace-ID: CTHH6BGN
X-Device-Type: DesktopOS
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
channelId: 40627
Client-Language
X-Tag

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray: 8f04a3bb5a1ec233-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 28
date: Wed, 11 Dec 2024 10:02:31 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: *

OPTIONS
H2 204 tenant.domainInfo
api.ycyd123.com/api/frontend/trpc/ 0
0 1100ms
140ms Preflight 104.18.36.137

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ycyd123.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22y7a5c5.com%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.137 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-tag,x-trace-id
Access-Control-Request-Method: GET
Origin: https://y7a5c5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 8f04a3ba38b9c233-TLV
date: Wed, 11 Dec 2024 10:02:31 GMT
server: cloudflare
vary: Accept-Encoding

OPTIONS
H2 204 channel.info
api.ycyd123.com/api/frontend/trpc/ 0
0 1099ms
140ms Preflight 104.18.36.137

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ycyd123.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A%2240627%22%2C%22tenantId%22%3A0%2C%22domain%22%3A%22y7a5c5.com%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.137 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-tag,x-trace-id
Access-Control-Request-Method: GET
Origin: https://y7a5c5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 8f04a3ba38bbc233-TLV
date: Wed, 11 Dec 2024 10:02:31 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 swipe-back-DsUnXDje.js Show response
y7a5c5.com/assets/ 682 B
1 KB 311ms
310ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/swipe-back-DsUnXDje.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8642e7eb7501ae0d43c3acbb8ec372b80268e9984d8237bfd9a6a5e2cb748c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/assets/index-Bkppl912.js

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aw3729iwN0y%2BB8hthxBHhKIRkEDrO5MgTZhW%2B1M57%2FvGWxry5SbwU3m8UxGACeh4pplZ38zzKeKaLe32QvmGyrKb0qjxzcl139y5j2F2B7msBUfn82K6gCgqZH0K"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=80348&min_rtt=75641&rtt_var=3951&sent=73&recv=47&lost=0&retrans=0&sent_bytes=59833&recv_bytes=9232&delivery_rate=65400&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=4485&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 213ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3bc19f6c22c-TLV
server: cloudflare
x-r2-path: assets/swipe-back-DsUnXDje.js

GET
H3 200 index-DubTS046.js
y7a5c5.com/assets/ 2 KB
2 KB 317ms
316ms Script
text/javascript 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index-DubTS046.js
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxqEvg6WtfA5lWzA3cRRC6TXVb163D1ysBIZbOL48ETD0jBQXL%2F0wS4wHkBqTufQD1ptz%2Bx5DdQPPyu%2F8Ko6Y8H7g4uJixu8sildu0cOMJU72EzvLZlEqtQPjfeL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79865&min_rtt=75641&rtt_var=3929&sent=78&recv=50&lost=0&retrans=0&sent_bytes=63419&recv_bytes=10151&delivery_rate=3977&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=5076&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=1,i=?0
x-data-time: 204ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3bfcff0c22c-TLV
server: cloudflare
x-r2-path: assets/index-DubTS046.js

GET
H3 200 index-Jof1kgYU.css
y7a5c5.com/assets/ 8 KB
2 KB 316ms
315ms Stylesheet
text/css 104.18.42.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y7a5c5.com/assets/index-Jof1kgYU.css
Requested by: Host: y7a5c5.com
URL: https://y7a5c5.com/assets/index-Bkppl912.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.42.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://y7a5c5.com
Referer: https://y7a5c5.com/launch?ch=40627

Response headers

content-encoding: br
x-from: R2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN8CuhrIZW%2F%2BipKEeDNtz3catvaIvvWLYFPh09RemaZCKp0E%2FyGy22APNJBLX%2B7BYaIiw%2FxNRetfmFKzPxufv57Rr1d2yCxWFtIVABRCbCyUF7sOOBIBnbffST%2Fu"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79865&min_rtt=75641&rtt_var=3929&sent=76&recv=50&lost=0&retrans=0&sent_bytes=61077&recv_bytes=10151&delivery_rate=3977&cwnd=24000&unsent_bytes=0&cid=4c5c3bba3e3d6886&ts=5075&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 10:02:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
x-data-time: 206ms
x-version
cache-control: public, max-age=86400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f04a3bfcff7c22c-TLV
server: cloudflare
x-r2-path: assets/index-Jof1kgYU.css

GET md.transition-nhShUAIB.js
y7a5c5.com/assets/ 0
0

GET cloud-dark.svg
y7a5c5.com/405/ 0
0

GET limit-dark.png
y7a5c5.com/405/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: y7a5c5.com
URL: blob:https://y7a5c5.com/281c1203-66eb-487b-9505-100ee140a99a

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: y7a5c5.com
URL: https://y7a5c5.com/assets/md.transition-nhShUAIB.js

Domain: y7a5c5.com
URL: https://y7a5c5.com/405/cloud-dark.svg

Domain: y7a5c5.com
URL: https://y7a5c5.com/405/limit-dark.png

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.r8m2n7.com/	1970-01-21 01:38:33	Name: __cf_bm Value: CHhTGsig2T3Qd.lLAxRoH0LbJvnNilcf9sIJg4g6G90-1733911343-1.0.1.1-njbEtp9UF1Gg9RC9xsTqXFw4S3ZVE1RSDHPBvwAJffj3TeQZQOj523BnfsDDoNfuGejX7PlOHLlfe4KcChNLNA
			.y7a5c5.com/	1970-01-21 01:38:33	Name: __cf_bm Value: KaWOF_7OGzykHI8Nykg.dU6hxfJuzh20zy3oDtvDcqY-1733911347-1.0.1.1-dWKJCK27P2iLf3hmTA8iyv9D.FiNtn9cM73pOE5ZJftaBR6TZ35hLhNUNwMhsnUD7UDHQrq4.pOj9OX1MIfDig

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.ycyd123.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22y7a5c5.com%22%7D%7D Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://api.ycyd123.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A%2240627%22%2C%22tenantId%22%3A0%2C%22domain%22%3A%22y7a5c5.com%22%7D%7D Message: Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ycyd123.com
cdnjs.cloudflare.com
challenges.cloudflare.com
r8m2n7.com
send-flowers-first.com
y7a5c5.com
cdnjs.cloudflare.com
y7a5c5.com
104.17.24.14
104.18.36.137
104.18.42.115
104.18.95.41
104.21.48.1
06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862
15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527
1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e
268139cce70b8bb1085aeb23b454b829390f9d680ce5c974b0f37f28fc549191
2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5
2cfe37d3063ac6d84100d02c34cb6cff8b388ce2fac28f21643ea331170fd05f
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
3c93e7275433f7db4ded57b795b9f9e802738e8c16a68d274c9027353040347c
725bcd6233e7b413f00c3fe37733c0a46b4e7ea60909ee331d75772e6b553d57
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dd6caac02353e3123ee7ca17f67c630cd79a19da35b2ac1273c0b7c39426395
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa
90a3b6078f7b53aa239f595b0899bea095b3bab550566e827f7da1add470a553
9110b355a55870f3c7a8e5033c874697d73b2aaa653a449748298123529a0dee
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35
a8642e7eb7501ae0d43c3acbb8ec372b80268e9984d8237bfd9a6a5e2cb748c5
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141
b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bc8eaa232ec0d9643a1e2e252e0fb127faecec3f5ce5812c1b0b12daa7b13b73
c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a01dc959e08cc5b6bdd3f47878d0dc0983f2e45250a92547df9e2cfe068912
ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac

y7a5c5.com Open in urlscan Pro 104.18.42.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

88 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

1 Countries

1277 kBTransfer

4165 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

y7a5c5.com Open in urlscan Pro
104.18.42.115 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

88 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

1277 kB
Transfer

4165 kB
Size

2
Cookies

49 HTTP transactions
0 data transactions