urlscan.io logo urlscan.io
SecurityTrails logo

heard.workingsong.shop Open in urlscan Pro
172.67.191.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://heard.workingsong.shop/
Submission: On January 09 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 38 HTTP transactions. The main IP is 172.67.191.244, located in United States and belongs to CLOUDFLARENET, US. The main domain is heard.workingsong.shop.
TLS certificate: Issued by WE1 on December 12th 2024. Valid for: 3 months.
This is the only time heard.workingsong.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 172.67.191.244 13335 (CLOUDFLAR...)
9 104.18.33.34 13335 (CLOUDFLAR...)
3 3.164.110.50 16509 (AMAZON-02)
1 182.22.28.252 23816 (YAHOO Yah...)
2 2 2600:140b:a00... 20940 (AKAMAI-AS...)
2 2a04:4e42:600... 54113 (FASTLY)
1 2600:140b:a00... 20940 (AKAMAI-AS...)
1 103.151.139.208 138915 (KAOPU-HK ...)
2 104.251.228.16 140042 (IZEC-AS-A...)
1 218.12.76.158 4837 (CHINA169-...)
38 9
18    172.67.191.244 (United States)

ASN13335 (CLOUDFLARENET, US)
heard.workingsong.shop
9    104.18.33.34 (None, )

ASN13335 (CLOUDFLARENET, US)
static.mercdn.net
3    3.164.110.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-50.nrt12.r.cloudfront.net
img.fril.jp
1    182.22.28.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
PTR: edge1600.img.vip.otm.yimg.jp
item-shopping.c.yimg.jp
2    2600:140b:a00:a::b81b:b9c4 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
tshop.r10s.jp
2    2a04:4e42:600::575 (United States)

ASN54113 (FASTLY, US)
shop.r10s.jp
1    2600:140b:a00:382::21ff (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ic4-a.wowma.net
1    103.151.139.208 (China)

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
js.users.51.la
2    104.251.228.16 (Tokyo, Japan)

ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK)
sdk.51.la
collect-v6.51.la
1    218.12.76.158 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
ia.51.la
Apex Domain
Subdomains		 Transfer
18 workingsong.shop
heard.workingsong.shop
461 KB
9 mercdn.net
static.mercdn.net — Cisco Umbrella Rank: 205265
1 MB
4 51.la
js.users.51.la — Cisco Umbrella Rank: 163367
sdk.51.la — Cisco Umbrella Rank: 73455
ia.51.la — Cisco Umbrella Rank: 158554
collect-v6.51.la — Cisco Umbrella Rank: 78995
41 KB
4 r10s.jp
tshop.r10s.jp — Cisco Umbrella Rank: 252799
shop.r10s.jp — Cisco Umbrella Rank: 475048
87 KB
3 fril.jp
img.fril.jp — Cisco Umbrella Rank: 722211
605 KB
1 wowma.net
ic4-a.wowma.net
24 KB
1 yimg.jp
item-shopping.c.yimg.jp — Cisco Umbrella Rank: 193141
19 KB
38 7
Domain Requested by
18 heard.workingsong.shop heard.workingsong.shop
9 static.mercdn.net heard.workingsong.shop
3 img.fril.jp heard.workingsong.shop
2 shop.r10s.jp heard.workingsong.shop
2 tshop.r10s.jp 2 redirects
1 collect-v6.51.la sdk.51.la
1 ia.51.la heard.workingsong.shop
1 sdk.51.la heard.workingsong.shop
1 js.users.51.la heard.workingsong.shop
1 ic4-a.wowma.net heard.workingsong.shop
1 item-shopping.c.yimg.jp heard.workingsong.shop
38 11

This site contains no links.

Subject Issuer Validity Valid
workingsong.shop
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
*.mercdn.net
GlobalSign GCC R3 DV TLS CA 2020		 2024-05-10 -
2025-06-11		 a year crt.sh
fril.jp
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-18		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-09-20 -
2025-10-19		 a year crt.sh
*.wowma.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-22 -
2025-05-18		 a year crt.sh
*.users.51.la
GlobalSign RSA OV SSL CA 2018		 2024-03-19 -
2025-04-20		 a year crt.sh
*.51.la
GlobalSign RSA OV SSL CA 2018		 2024-03-19 -
2025-04-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://heard.workingsong.shop/
Frame ID: 3523968BF6270BE610595846F8F95687
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

通年定番・旅行・エレクトリックアコースティックギター・サッカー・プラモデル

Page Statistics

38
Requests

95 %
HTTPS

30 %
IPv6

7
Domains

11
Subdomains

9
IPs

4
Countries

2721 kB
Transfer

2800 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://tshop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg HTTP 302
  • https://shop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg
Request Chain 13
  • https://tshop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg HTTP 302
  • https://shop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heard.workingsong.shop/ 		47 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf802b7f18ce17434c7f7b0a7f074d52fe224030313f850f422988de15ca6ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ff1ac07bb9df597-NRT
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 09 Jan 2025 04:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09pRmpXZXTjqvXavqpeQAy7K6YXqlbFf2oELKg9AloHlj%2BF%2Bb1Vney%2BNT65OGoE3v7b8GjUrrh0nh6Tg3kFxvHnF1yIpLDNhYdi%2Fw3p8efuKdOF7jnFvVrgH33G0RA3R6SuJ2Lj8tpTn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1311&min_rtt=1073&rtt_var=442&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4236&recv_bytes=5740&delivery_rate=1039&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=372&x=1" cfExtPri cfHdrFlush;dur=0
vary
Cookie,Accept-Encoding
style.css
heard.workingsong.shop/static/css/ 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/static/css/style.css
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd52c526d8b27a390a8cbcc6d582f813e9c67e2eabd89e2271481df04e08243

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tyM8xVLm0lMXMUc2dE2iuV7fFjnolEp8Gwhve8uUa9kcYj%2FmHePtDEja598GT1hQDZen47cmq1wzZbPJiCviOF09KzncCRsUt%2Fsr4yyWoizCEojjGhK60RYCAWeFyO9lg%2BXd%2BPQTXu1C"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a0d34f597-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1326&min_rtt=1073&rtt_var=271&sent=61&recv=49&lost=0&retrans=0&sent_bytes=48407&recv_bytes=13936&delivery_rate=500252&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=624&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
text/css; charset=utf8
vary
Cookie,Accept-Encoding
server
cloudflare
last-modified
Thu, 18 Jul 2024 09:37:22 GMT
priority
u=0,i=?0
cal.css
heard.workingsong.shop/static/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/static/css/cal.css
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lF2wCxpBPrDN%2FlEidrBxlDRPhuJtqOHVgTXPq7MytBbdu%2F9hDhjsxBHMxl89Iw83yGQODqXShHVIr9HbW6TYIZXEpVVYikTVFbKbLAqWPZN2fOeDqXgpz%2BeiVqRhW3f%2FgYAtdTS3DouB"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a0d35f597-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1303&min_rtt=1073&rtt_var=123&sent=78&recv=54&lost=0&retrans=0&sent_bytes=66828&recv_bytes=14156&delivery_rate=996394&cwnd=22800&unsent_bytes=0&cid=589e121b045556b3&ts=636&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Accept-Encoding
server
cloudflare
priority
u=0,i=?0
logo.png
heard.workingsong.shop/static/images/header/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/header/logo.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda0cc2008227035efb926856582fa93cf2a573e4bae2b2d99ba3a945f196345

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfB9RGH6XpwmfVZc%2BwAirtOQgr2qh%2BtsZNceke8p7aJkyphkAu%2FgerX1AR0d3G3%2B4ZlZnb8PYnuWblMQsdbZB8qxxxii9A0zWNttGt1SaRbqiMExqHIVdb0BwhN3ZRfidPcuA%2F0EkeK5"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a0d37f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1424&min_rtt=1073&rtt_var=281&sent=29&recv=33&lost=0&retrans=0&sent_bytes=15002&recv_bytes=13248&delivery_rate=22516&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
4134
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:53:18 GMT
priority
u=2,i
Index_banner.png
heard.workingsong.shop/static/images/banner/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/Index_banner.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a368b6a6869bb443d0b437c2dd86108bebad9ae421ad6311383a1381df7c5769

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkSJUPKtYhtriDzvYlZY%2B3UTiP9N0TVhX0YoCkVu1mMc36mv0GzTSPcO%2BZf%2Bqq9Si%2ByXZB0u9Ad8KZTJIiMaN4bpWnvqJOEW0LaQh3TANY4pWVjNN3exQ6wBlTDEEc5DNwoBypVKOr%2B5"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a0d3bf597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1318&min_rtt=999&rtt_var=117&sent=138&recv=77&lost=0&retrans=0&sent_bytes=132349&recv_bytes=15179&delivery_rate=15380230&cwnd=30000&unsent_bytes=0&cid=589e121b045556b3&ts=979&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
215763
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=2,i
leftIco.png
heard.workingsong.shop/static/images/left/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/left/leftIco.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e35cd8f13d78f1b801065e52cb8a2d71f87ee266c71e3c83e6cd115f0d3e3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMIv%2B%2B0yOyyrGgzZhLZsmglJp1w2Ss9KhHZpQ1zLCdAc%2BZ8nzf1ZMC7loPMSqb16TqqC%2Fc3UFC9zE4B34%2FD8Txl%2FEl0oVW60kOGc%2BTDADEC%2Bd0gI9Foe0V%2BI5PtreWl5b5ph3VJBN8PR"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d54f597-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1215&min_rtt=999&rtt_var=145&sent=85&recv=62&lost=0&retrans=0&sent_bytes=71899&recv_bytes=14517&delivery_rate=10461&cwnd=22800&unsent_bytes=0&cid=589e121b045556b3&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Accept-Encoding
server
cloudflare
priority
u=2,i
leftbanner03.png
heard.workingsong.shop/static/images/left/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/left/leftbanner03.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67cfeb8467dd3a93b2b338f181bc841f76b4cbbaf8a74ad61bd6add28e88b275

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2oN813yMvt%2FokY8G%2FrMN7Z9VH0SwJOBZ81WRDBt5EXF6ob%2BfpFINP927QTMFFx8qq67xjVWK2yw%2FPj4eAFu8TdLZYR%2BTl494AXNLCSPVJeS%2FAAsM76LrQGPqvyUN55%2FMnbMeN0Q8FuPT"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d5af597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1562&min_rtt=1073&rtt_var=546&sent=48&recv=42&lost=0&retrans=0&sent_bytes=34170&recv_bytes=13635&delivery_rate=1295475&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=605&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
8359
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:50 GMT
priority
u=2,i
indexbanner03.png
heard.workingsong.shop/static/images/banner/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/indexbanner03.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba164b5f729a86a1781055c4eed9a48e649bd5f2b8dd22e72d84b9c91c922a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izSU8vEgTPrixom5b35YAKnWPys3gzAfk%2FpPcPPxfFRBr4YJNEEN7k1riMWIoP7fN6FRe61ZElPKwhG1OEB7czbJw6BM%2B4OwQXyEriCbzCMZWuve3teu%2B2AFgT3gGJt%2BNu4n8KprjOZH"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d5df597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1220&min_rtt=999&rtt_var=96&sent=93&recv=66&lost=0&retrans=0&sent_bytes=79508&recv_bytes=14693&delivery_rate=168890&cwnd=22800&unsent_bytes=0&cid=589e121b045556b3&ts=942&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
139183
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=2,i
m41193926097_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m41193926097_1.jpg?1726797924
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f09a4a2f1d316668e88c6d59511dde6eb1479451e7926dbe9064243606e4d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"EOu-154P9FceZdjsZiIAAAAiN2RlMTFlMWE1MTE3MDUzYjZiYjM4MDlhNGEyYThhNDki"
x-amz-version-id
Cu1QjU3lw31TC1nqNfURBBbvSz7ih3T5
cf-cache-status
HIT
age
2035777
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Fri, 20 Sep 2024 02:05:25 GMT
vary
Accept-Encoding
x-amz-id-2
GSrnLTAP7XmzezihxR/AhurJ/PgGzmyWSiQw6fRp+IZtFIvsTo2RZspuR+O2XWiH6Gs6twbPmAE=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv214 (ATS [cHs f ])
x-amz-request-id
PVM5JK2J5CMPYYWG
cf-ray
8ff1ac0a3a90d771-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
265428
server
cloudflare
x-amz-server-side-encryption
AES256
2427636532.jpg
img.fril.jp/img/724171222/l/ 		463 KB
464 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/724171222/l/2427636532.jpg?1731414822
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-50.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
c494c067821b858b35c2bfe41c74f26c36cedd38b56e4ca96ca0047983a399cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"0366c893f3350581d0d23da993ab85b7"
x-amz-version-id
M7_Aq.zHI9DDtxssh__k0INmNAx4eOqI
Connection
keep-alive
Via
1.1 60a4fec648b905e9bfeb1d864e600d70.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
474302
X-Amz-Cf-Id
tNf7vrNFbuZjXLXr6TQck47VYglVp202qG2wEkWwCggaYGCL6g-FeA==
Date
Thu, 09 Jan 2025 04:26:58 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 12 Nov 2024 12:33:44 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
wf-ichida_22179-53
item-shopping.c.yimg.jp/i/n/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://item-shopping.c.yimg.jp/i/n/wf-ichida_22179-53
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.28.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
edge1600.img.vip.otm.yimg.jp
Software
nghttpx /
Resource Hash
37da4a6a861688733567827f015fc12d6ac8a061971d1b1755bfce04915c2cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=600, s-maxage=86400
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
ats-carp-promotion
1
x-content-type-options
nosniff
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
19352
date
Thu, 09 Jan 2025 04:26:57 GMT
x-xss-protection
1;mode=block
content-type
image/jpeg
last-modified
Thursday, 09-Jan-2025 04:26:57 GMT
server
nghttpx
x-frame-options
SAMEORIGIN
m79064462511_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m79064462511_1.jpg?1709308329
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9379e4a26628ec02c5c160b26e31b9043bcee8eb898ad919e2f768c86a81f43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"ENjHjp8GMa2cqvnhZSIAAAAiMWVlNzFhNWNjZGI3N2Y0OWZiMjEyNzRhNTc5ZjdhNjYi"
x-amz-version-id
kklXlUF2vCmBXpHNH8oxGwq2r4roraQH
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Fri, 01 Mar 2024 15:52:10 GMT
vary
Accept-Encoding
x-amz-id-2
6W9OBqrDP5rc6lmM6V81+uKeP4APEDumHZKE0dz4LnVVTXYCrJkaMFdqeexahmkJpKWJv2FG70o=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv208 (ATS [cMsSfW])
x-amz-request-id
2DD5J0R5Y0X55NS2
cf-ray
8ff1ac0a4a93d771-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
m21671428874_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m21671428874_1.jpg?1726054916
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9be4602af24d64dce06c4e9d2ce04c3a66f40e43e546c76adbeb1f44c7d102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"ENadT6xg3zSyBYLhZiIAAAAiOWVkNTU1YTQwYjhiYjU0MDQzZjk0ZGFlYTU5ZjNiMDUi"
x-amz-version-id
rLogWCNxIg68H5UyRswdogYC1mKsUX.H
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Wed, 11 Sep 2024 11:41:57 GMT
vary
Accept-Encoding
x-amz-id-2
19r9+NRyqWaQwjfrqHj4yCIM8Q/lwQ5JR4si9Fl+cfYj4HZnMis2z3Mlq1IS1mNlUSyCb8f55+U=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv203 (ATS [cHs f ])
x-amz-request-id
E4SEWKV38WQVB0CB
cf-ray
8ff1ac0a4a96d771-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
121323
server
cloudflare
x-amz-server-side-encryption
AES256
1595416.jpg
shop.r10s.jp/haikanshop/cabinet/trusco/main2/031/
Redirect Chain
  • https://tshop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg
  • https://shop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Server
2a04:4e42:600::575 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9911460e3b186928cc0d4418c5b00e66cd14a1daa5e73f5e877b6b54ae5b1a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

etag
"66870db6-18ed4"
age
0
x-cdn-served-from
Fastly
expires
Fri, 10 Jan 2025 04:26:57 GMT
x-cache
MISS
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/webp
last-modified
Thu, 04 Jul 2024 21:01:42 GMT
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700057-NRT
vary
Accept,Origin
cache-control
max-age=86400
x-backend
3rkdiFIGmdfohmY3X9MST4--F_imgcnv_gslb_rdcnw_net
x-timer
S1736396817.027706,VS0,VE25
via
1.1 varnish
accept-ranges
bytes
content-length
21756
server
nginx

Redirect headers

cache-control
max-age=82800
location
https://shop.r10s.jp/haikanshop/cabinet/trusco/main2/031/1595416.jpg
access-control-expose-headers
x-cdn-served-from
x-cdn-served-from
Akamai
expires
Fri, 10 Jan 2025 03:26:57 GMT
content-length
0
date
Thu, 09 Jan 2025 04:26:57 GMT
vary
Origin
server
AkamaiGHost
az-rto-745.jpg
shop.r10s.jp/yourmystar/cabinet/you51/
Redirect Chain
  • https://tshop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg
  • https://shop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg
65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Server
2a04:4e42:600::575 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49962c61e427d6e3e87c793ccca08f5508165a23e9a56ab9c27c9ef9d7de0554

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

etag
"65d7061e-11a5d"
age
0
x-cdn-served-from
Fastly
expires
Fri, 10 Jan 2025 04:26:57 GMT
x-cache
MISS
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/webp
last-modified
Thu, 22 Feb 2024 08:30:22 GMT
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700057-NRT
vary
Accept,Origin
cache-control
max-age=86400
x-backend
3rkdiFIGmdfohmY3X9MST4--F_imgcnv_gslb_rdcnw_net
x-timer
S1736396817.027721,VS0,VE50
via
1.1 varnish
accept-ranges
bytes
content-length
66770
server
nginx

Redirect headers

cache-control
max-age=82800
location
https://shop.r10s.jp/yourmystar/cabinet/you51/az-rto-745.jpg
access-control-expose-headers
x-cdn-served-from
x-cdn-served-from
Akamai
expires
Fri, 10 Jan 2025 03:26:57 GMT
content-length
0
date
Thu, 09 Jan 2025 04:26:57 GMT
vary
Origin
server
AkamaiGHost
2294618950.jpg
img.fril.jp/img/692603631/l/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/692603631/l/2294618950.jpg?1718591102
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-50.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
843804847b20728eba2e6efd3e13b604f610f3a74b9750eb7feb79e6bf4b032d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"cf880383c2ccdaf53f043bdffabd48e6"
x-amz-version-id
WBMDIg0LV1ASYhCkX0K9L7I_3MXzMl4l
Connection
keep-alive
Via
1.1 f8fa8a86fddb455ef2c0b061077f6a6a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
99997
X-Amz-Cf-Id
_jpG5JwK22d97eJ3Y1KWKyQFPpJM-vAZSihEIW-1vuWDnMd6Z3ab_Q==
Date
Thu, 09 Jan 2025 04:26:58 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 17 Jun 2024 02:25:23 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
indexbanner02.png
heard.workingsong.shop/static/images/banner/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/indexbanner02.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2759709c42e93d4df9672b2e4485bedbabfad6a1711147b63ea34daeb35edcbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crpnmnvZdNcyefkRqViSbClkWE7gNO1O8qxl3zTkd3TNQF%2FkxKG%2BHedTIknDpSeNAQblOR7P7XL2LxoReJ%2FBXZ8WZGqcdTYKbj5A34HTtcegHOWgc%2BzswKswS5rZnDiN1GLo69XelwyH"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d62f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1295&min_rtt=999&rtt_var=134&sent=120&recv=75&lost=0&retrans=0&sent_bytes=111682&recv_bytes=15090&delivery_rate=18433472&cwnd=30000&unsent_bytes=0&cid=589e121b045556b3&ts=958&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
19361
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=3,i
w5-0000000023813.jpg
ic4-a.wowma.net/mis/gr/135/image.wowma.jp/6881526/w512/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic4-a.wowma.net/mis/gr/135/image.wowma.jp/6881526/w512/w5-0000000023813.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:140b:a00:382::21ff Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx/1.7.1 /
Resource Hash
7912a9970dabda70dbddde8dcae6a05689cf70a4b8ebf7d04f23a3d3f6675ea3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

X-Upstream
2.17.62.181:443
ETag
"51a89dc318349d9ee2c1053550ebc39f"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23676
X-Amz-Cf-Id
58o5V6JDktJy3agc5dmYmWx3lARESdyFGZzjL-32wrDXqdY3RAWaiA==
Date
Thu, 09 Jan 2025 04:26:57 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 22 Nov 2023 07:09:44 GMT
Server
nginx/1.7.1
X-Amz-Cf-Pop
NRT12-C3
x-amz-server-side-encryption
AES256
m45173939771_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m45173939771_1.jpg?1602523313
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b77252f370ff33318665f17cde23e43268d0184f197fa80f7d520f845c55b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
x-amz-version-id
85Ki9oJLs1GmdH9Lz4Vb0u.hKbwf6jIt
etag
W/"EG2WVMv_MK9VspCEXyIAAAAiY2NmZGU4NDZhNjljMDQyYzc3ZmIyNWI0OTMzMTQzYmMi"
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Mon, 12 Oct 2020 17:21:54 GMT
vary
Accept-Encoding
x-amz-id-2
qI7dGefHRxJ0MxAcDLyqpqGQ2dQ2mFOa3HLX+cdOVfe/u09uOtdSlFSgPpRmEL9C0vAQJGxvTII=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv124 (ATS [cMsSfW])
x-amz-request-id
2DD7H5NYN57E0CVG
cf-ray
8ff1ac0a9b3ed771-NRT
access-control-allow-origin
*
server
cloudflare
m64383699895_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m64383699895_1.jpg?1683023322
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d867181a54528a4a0ce0e7f6560020ea70a3a16ae6b160534520b25c2f2b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"EJC3qbv6vlpf2-VQZCIAAAAiMjc3MmUwYmQ2YmJlOTEyNGRmMjU4NTUwNTk5MTg1YjQi"
x-amz-version-id
QVbzkv3ty98OPIWceeP6PFg76Jv831e0
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Tue, 02 May 2023 10:28:43 GMT
vary
Accept-Encoding
x-amz-id-2
9/amAhO6oIzhZ+I5beAeToOU9isMfCjs3fVelsw9ZodZZEnqRae0xamQkIjokfgYvdg+Dn0CFVg=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv122 (ATS [cMsSfW])
x-amz-request-id
2DD52ZG5DFR9CE47
cf-ray
8ff1ac0a9b40d771-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
1750812493.jpg
img.fril.jp/img/568235130/l/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/568235130/l/1750812493.jpg?1669995994
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-50.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
a30e0df13f9bb728283dada578524b66606fbe2737200e5f6ef43ad420349a81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

ETag
"3cb26a5e3c3ec64db17e76c836267341"
x-amz-version-id
lfPRDpMg8jv5KVdBiRxC2nZ.qtLIYrGL
Connection
keep-alive
Via
1.1 60a4fec648b905e9bfeb1d864e600d70.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
44071
X-Amz-Cf-Id
nXXOj4eTDNMevwEqBJYrSk24Ym0PCWk2IR6Y8m8OYY7YhXCBdNU6Gw==
Date
Thu, 09 Jan 2025 04:26:58 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 02 Dec 2022 15:46:35 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
Vary
Origin
m17491685958_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m17491685958_1.jpg?1728393010
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d9faa80f334ee63fa1248b3e9c44a25096a50d63fa30c71155721be2440827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"ENfCGjBz0HMEMy8FZyIAAAAiNDU0ZGY1NzgxZDMwNDQ0NTU0ZTdkMDA1MjczNmU0NzAi"
x-amz-version-id
keCS0K3GlBTTY2MbqPZDYT5JENo8GilC
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Tue, 08 Oct 2024 13:10:11 GMT
vary
Accept-Encoding
x-amz-id-2
ApPdAPkU+7J8D2JINNiw6YhxNN5+Wv9vzkf/LTAUTuUpDl7THfPotqA/CXAYlyhp+HgV2UhKJAM=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv123 (ATS [cMsSfW])
x-amz-request-id
2DDC2FHVN9CHR7V8
cf-ray
8ff1ac0aab4cd771-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
m78933023735_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m78933023735_1.jpg?1729483669
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25927112dc7ca38df38a5963748ba5a5bae499742833a45ab7fe1cf5964f101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"EIU3W2YIVBPcltMVZyIAAAAiMDhjNjE2ZjNlZWFjZWZmYzdjM2RjOTRhZDYyMmZkOTIi"
x-amz-version-id
6e1KhWQOI2jU0s_JtrDA6RRq9ofOoKvD
cf-cache-status
HIT
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Mon, 21 Oct 2024 04:07:50 GMT
vary
Accept-Encoding
x-amz-id-2
ypbhbvl2LpWHZmlJNkE+QsMgVur+Oz2fEToFrI4UcC/h6TgJ00bEILoGmKd8pY5WGNNYekBef2w=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv206 (ATS [cHs f ])
x-amz-request-id
WM9Q94V479J43ZG3
cf-ray
8ff1ac0aab4ed771-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
206475
server
cloudflare
x-amz-server-side-encryption
AES256
m41500411186_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m41500411186_1.jpg?1705244578
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79b335942b461648820e561ea78a6861765ae64b04fb533612f732a235951af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"EPy281Dmmk2Lo_ejZSIAAAAiMTA2NmZkZmEwOTQ1MTI2YTZkYjExYTNhNjYzMTUzMGIi"
x-amz-version-id
lvzMx9UTz9CvDfvFwyPD13nU.ZQCnUCB
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Sun, 14 Jan 2024 15:02:59 GMT
vary
Accept-Encoding
x-amz-id-2
lLN+9PJ6lPhqYea+/hcsvU+eoOss9k060Fibdt7uciAzUDazg3QtGb6gspgYkr4/DD3Oxzh8aKo=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv124 (ATS [cMsSfW])
x-amz-request-id
2DD5TN1KZ3SJAF74
cf-ray
8ff1ac0aab4fd771-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
m58334838791_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		238 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m58334838791_1.jpg?1729381369
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d38e3d44743f5945912fb53bc646e58198f95f5d8573f32e8ca265afba0fa5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"ECSSeceH4IZ3-kMUZyIAAAAiNmY5MGZjMmQxZTFmMGExZmU4ODM5YzUwMzYxZmYyZTEi"
age
466192
cf-cache-status
HIT
x-amz-version-id
MfgO0tTyrvh_SKNQoYCXvBNoclOAIA3_
x-content-type-options
nosniff
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/jpeg
last-modified
Sat, 19 Oct 2024 23:42:50 GMT
vary
Accept-Encoding
x-amz-id-2
t8+L1N/r5t1I20E5/F21rftwuvO0r6kcxn8YljPEv/4+pKX2HM13e7+OujPQpvh+W8giJOspsek=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv113 (ATS [cHs f ])
x-amz-request-id
P0YGFW5QG9YB6H33
cf-ray
8ff1ac0aab50d771-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
243720
server
cloudflare
x-amz-server-side-encryption
AES256
footer_guide_payment.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_payment.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519eb30b2b15e55a72d5a18e5a478c589dc4d600360e3575120553ceaba9e482

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uf8UF5ezAWSoIrodMRsqfJ7IO%2FkpmAzZ73A6wzRYr5o8Ksb9Pv2psE18TI8rk8CVcr%2FY%2BUb5TGgNAyCk8M%2Fe3p3L0D2qIEIpsHbJzB1pyyIQy4FvJEcVY4tZnAz3H1K0Oc%2BQEJ30q3QF"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d64f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1412&min_rtt=1073&rtt_var=352&sent=56&recv=46&lost=0&retrans=0&sent_bytes=43588&recv_bytes=13807&delivery_rate=1130151&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=607&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1221
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:08 GMT
priority
u=3,i
payment_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/payment_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76bf67bf04f1dce84c26f67d1ee6bf7913108a3637b8b257f8508f9c0109507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OsedoQRPAmhVh8ZmoSy9H96voZD%2BzQTepjleeTKd%2BLZJMJN%2Bkkb%2By0zcaRINLEQsIfkWv0hfj02h4IFQCKJgb8ttkfdtyz%2BKbbwCWq1FV2DCMJWsubOw2yADCgIzQ9nOehZcypLW29H"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d65f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1424&min_rtt=1073&rtt_var=281&sent=34&recv=33&lost=0&retrans=0&sent_bytes=20114&recv_bytes=13248&delivery_rate=22516&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=578&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1479
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_free.png
heard.workingsong.shop/static/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_free.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645f8b2a8efad74e8e26d53c1e9dde8f60b82da7205b417bed1e666692322b75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdwoUjJFdav1XBzAZHQhhYaF2EhdIk7CRq16yb768gvepQFV6Evy4QLeBWxKUsmc9BDEnJcnGPUW5GouWUA7qBB%2FreKK9ZbTUEYGZlkX57k2zhtQBlah7yM6yrx%2FmIc%2F23AsDKCGYvHc"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d67f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1453&min_rtt=1073&rtt_var=386&sent=36&recv=36&lost=0&retrans=0&sent_bytes=22501&recv_bytes=13377&delivery_rate=5525998&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=582&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2069
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_privacypolicy.png
heard.workingsong.shop/static/images/footer/ 		621 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_privacypolicy.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1839f521f2fd75f06e18d4fd2db1fc232fc93f3c8e9dcce359a9e32396075ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXHHsuTNAXfJmW6efIX%2FF%2Bfu%2FjVo7OaZU3Kb5rjiTGv8Rc2Q7trq%2BpaP8hm9%2FbAymCwlYpATor%2BVSjpUXZNR5cdhRPSpQag2IJyjWQaEzyXozR8w16szyGwYWUd0%2FhVWvJGY7GfL8Gli"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d6af597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1364&min_rtt=1073&rtt_var=288&sent=43&recv=39&lost=0&retrans=0&sent_bytes=30178&recv_bytes=13506&delivery_rate=1848004&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
621
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
privacy_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/privacy_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b6d93c5b64f89e3e054a1ef4e22bca1fb631bab384a123b8b198f3b280aa3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFP6%2FPeg122QLUEY1f1mJVriXlu7jMJYYwdS7K5LJ4Gxh1TT9VBiRtemIWlhD4grvuHFwhFvwGpku38QnzcbnoYVpC7V84gI1x0yPbbQ2l4OWiSIA5EdPJ4uK9hmLFmahfieH0tNQRvR"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d6bf597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1382&min_rtt=1073&rtt_var=336&sent=41&recv=38&lost=0&retrans=0&sent_bytes=27804&recv_bytes=13463&delivery_rate=975060&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=594&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1472
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_exchange.png
heard.workingsong.shop/static/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_exchange.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79db50bcc987f4178c4a64143fad0b1967bb1e93646a326ef96a35588ba03855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FzR7SDi2GAZh7hM%2BFewIHPMkK9S5hzXAhR9PI4LpSyHv4FDc28gPYY4hSidGeJl6VUTYBw11x%2BXY8XCQOF1Hz7tibWq8lMRjry6jqUWzv8oky6b3ZEE2lQvbc0jyO9aDLXdufFTcy8Zu"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d6df597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1373&min_rtt=1073&rtt_var=343&sent=58&recv=47&lost=0&retrans=0&sent_bytes=45718&recv_bytes=13850&delivery_rate=1296514&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=614&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1756
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
exchange_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/exchange_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b235467e592b99c4a6a31dd2838d20f2d3ccd476130865903593ea01e5e333e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaicftzKRjOOZKiQUo5sq1CIBT%2BytBC1OdsLYhUklFYCMbzpWvMv3FjpETyJAVpvcCtk8Nkkn3KpYbiDsJNieQKF3fylJInOc8J6SN6A%2FuxxQ0sfmzbwh7RCliz%2FI7tNJLMDaj%2BX3LPt"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d6ff597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1382&min_rtt=1073&rtt_var=336&sent=39&recv=38&lost=0&retrans=0&sent_bytes=25502&recv_bytes=13463&delivery_rate=975060&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=593&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1392
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
contact_form_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/contact_form_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3342f09cc69975a2294e7e630d252fdcf165e101537d5d9c4765f8f590c8971c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nAa5PJfgs11OyMsMaVD8uVI%2FKMGthblrEHB6uH0gd4Qb%2FUR5%2FbccFp3OmVHtoAXGA4ajNP4Khq6G4g2zu7F3ynkw718QBMUAY%2By9wnH3rTD7WgT9RF2dt8b8pO4sdP%2BN09d0yvTv8Xtn"}],"group":"cf-nel","max_age":604800}
cf-ray
8ff1ac0a2d70f597-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1522&min_rtt=1073&rtt_var=620&sent=45&recv=41&lost=0&retrans=0&sent_bytes=31712&recv_bytes=13592&delivery_rate=1759319&cwnd=12000&unsent_bytes=0&cid=589e121b045556b3&ts=598&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1524
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
email-decode.min.js
heard.workingsong.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"677d0bc5-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0ezyOke%2BQk2XQnnmGgB6qlvPqkPl3ZpiiygwMn1oukMsQaj7jV4iuLuSSXtde7QkvuQk%2F5%2FeRnjCB5h5zxq4o8jvVP%2BkeU88JwJD%2B4ARKjZmIp7NWdLX4rvI1xiVpV7pqrpgCHmS3%2F1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ff1ac0a2d60f597-NRT
expires
Sat, 11 Jan 2025 04:26:56 GMT
date
Thu, 09 Jan 2025 04:26:56 GMT
content-type
application/javascript
last-modified
Tue, 07 Jan 2025 11:11:01 GMT
server
cloudflare
vary
Accept-Encoding
21939019.js
js.users.51.la/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/21939019.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.151.139.208 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
c96390f803d0b39c6369100c217ba1d5c5902b4edd8c3707ea0a96a94be9b52a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
EA-JPN-tokyo-EDGE2-CACHE3[88],EA-JPN-tokyo-EDGE2-CACHE3[ovl,86],EA-HKG-EDGE2-CACHE5[ovl,39],EA-HKG-GLOBAL1-CACHE29[ovl,36]
access-control-allow-origin
*
x-ccdn-req-id-46b1
d27f7888de28c6e395c98e5e6d23f49f
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
application/javascript; charset=utf-8
server
openresty
access-control-allow-headers
Content-Type
js-sdk-pro.min.js
sdk.51.la/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.16 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
EA-JPN-tokyo-EDGE4-CACHE5[96],EA-JPN-tokyo-EDGE4-CACHE5[ovl,95],EA-HKG-GLOBAL1-CACHE44[ovl,34]
access-control-allow-origin
*
x-ccdn-req-id-46b1
b83e8589a715d6f504b7707f45a1dd61
date
Thu, 09 Jan 2025 04:26:57 GMT
content-type
text/plain; charset=utf-8
server
openresty
go1
ia.51.la/ 		0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia.51.la/go1?id=21939019&rt=1736396817255&rl=1600*1200&lang=ja-JP&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB&ing=1&ekc=&sid=1736396817255&tt=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB%25E3%2583%25BC%25E3%2583%25BB%25E3%2583%2597%25E3%2583%25A9%25E3%2583%25A2%25E3%2583%2587%25E3%2583%25AB&kw=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB%25E3%2583%25BC%25E3%2583%25BB%25E3%2583%2597%25E3%2583%25A9%25E3%2583%25A2%25E3%2583%2587%25E3%2583%25AB&cu=https%253A%252F%252Fheard.workingsong.shop%252F&pu=
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
218.12.76.158 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

via
CHN-HEshijiazhuang-AREACUCC1-CACHE56[50],CHN-HEshijiazhuang-AREACUCC1-CACHE56[ovl,46]
x-ccdn-req-id-46b1
6d571cd5aeff5dee0b76c80e34e83515
content-length
0
date
Thu, 09 Jan 2025 04:26:57 GMT
server
nginx
collect
collect-v6.51.la/v6/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.16 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

via
EA-JPN-tokyo-EDGE4-CACHE5[84],EA-JPN-tokyo-EDGE4-CACHE5[ovl,83],EA-HKG-GLOBAL1-CACHE31[ovl,28]
access-control-allow-origin
https://heard.workingsong.shop
x-ccdn-req-id-46b1
3f18f4eb2de60ed52b028c4e55154186
content-length
0
date
Thu, 09 Jan 2025 04:26:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| LA number| laWaitTime

10 Cookies

Domain/Path Name / Value
heard.workingsong.shop/ Name: session_id
Value: ef569116-527b-4943-a95f-6e3a7806391a
heard.workingsong.shop/ Name: csrf
Value: fcba9a39-672b-4e48-8003-401ac60b5d31
.static.mercdn.net/ Name: __cf_bm
Value: 6TiyzBrMM1zz_r0mozemx5NR_R1Upn4Z12anuxAmbT4-1736396817-1.0.1.1-MRUlG9EYvDkN7zLgeYYz_T22S_Hv89mw_0SqxSfO2.gRF_uioF3kJ2HDW8LU7eJrYcNNXJHpX_FOTULXnlZNzg
heard.workingsong.shop/ Name: __tins__21939019
Value: %7B%22sid%22%3A%201736396817255%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201736398617255%7D
heard.workingsong.shop/ Name: __51cke__
Value:
heard.workingsong.shop/ Name: __51laig__
Value: 1
heard.workingsong.shop/ Name: __vtins__KXmIJp5AAyqKt9gS
Value: %7B%22sid%22%3A%20%2289c73668-5e85-51b7-b901-a7ece20035d0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201736398617261%2C%20%22ct%22%3A%201736396817261%7D
heard.workingsong.shop/ Name: __51uvsct__KXmIJp5AAyqKt9gS
Value: 1
heard.workingsong.shop/ Name: __51vcke__KXmIJp5AAyqKt9gS
Value: 26fbfd62-5519-503c-b396-0f2718909eab
heard.workingsong.shop/ Name: __51vuft__KXmIJp5AAyqKt9gS
Value: 1736396817264

2 Console Messages

Source Level URL
Text
network error URL: https://heard.workingsong.shop/static/css/cal.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heard.workingsong.shop/static/images/left/leftIco.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
heard.workingsong.shop
ia.51.la
ic4-a.wowma.net
img.fril.jp
item-shopping.c.yimg.jp
js.users.51.la
sdk.51.la
shop.r10s.jp
static.mercdn.net
tshop.r10s.jp
103.151.139.208
104.18.33.34
104.251.228.16
172.67.191.244
182.22.28.252
218.12.76.158
2600:140b:a00:382::21ff
2600:140b:a00:a::b81b:b9c4
2a04:4e42:600::575
3.164.110.50
0e9be4602af24d64dce06c4e9d2ce04c3a66f40e43e546c76adbeb1f44c7d102
1f09a4a2f1d316668e88c6d59511dde6eb1479451e7926dbe9064243606e4d27
22b6d93c5b64f89e3e054a1ef4e22bca1fb631bab384a123b8b198f3b280aa3c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2759709c42e93d4df9672b2e4485bedbabfad6a1711147b63ea34daeb35edcbd
30e35cd8f13d78f1b801065e52cb8a2d71f87ee266c71e3c83e6cd115f0d3e3c
3342f09cc69975a2294e7e630d252fdcf165e101537d5d9c4765f8f590c8971c
37d9faa80f334ee63fa1248b3e9c44a25096a50d63fa30c71155721be2440827
37da4a6a861688733567827f015fc12d6ac8a061971d1b1755bfce04915c2cf0
3d38e3d44743f5945912fb53bc646e58198f95f5d8573f32e8ca265afba0fa5a
49962c61e427d6e3e87c793ccca08f5508165a23e9a56ab9c27c9ef9d7de0554
519eb30b2b15e55a72d5a18e5a478c589dc4d600360e3575120553ceaba9e482
5b77252f370ff33318665f17cde23e43268d0184f197fa80f7d520f845c55b46
645f8b2a8efad74e8e26d53c1e9dde8f60b82da7205b417bed1e666692322b75
67cfeb8467dd3a93b2b338f181bc841f76b4cbbaf8a74ad61bd6add28e88b275
7912a9970dabda70dbddde8dcae6a05689cf70a4b8ebf7d04f23a3d3f6675ea3
79db50bcc987f4178c4a64143fad0b1967bb1e93646a326ef96a35588ba03855
7ba164b5f729a86a1781055c4eed9a48e649bd5f2b8dd22e72d84b9c91c922a4
843804847b20728eba2e6efd3e13b604f610f3a74b9750eb7feb79e6bf4b032d
9379e4a26628ec02c5c160b26e31b9043bcee8eb898ad919e2f768c86a81f43d
9bf802b7f18ce17434c7f7b0a7f074d52fe224030313f850f422988de15ca6ba
a30e0df13f9bb728283dada578524b66606fbe2737200e5f6ef43ad420349a81
a368b6a6869bb443d0b437c2dd86108bebad9ae421ad6311383a1381df7c5769
a9911460e3b186928cc0d4418c5b00e66cd14a1daa5e73f5e877b6b54ae5b1a8
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
b235467e592b99c4a6a31dd2838d20f2d3ccd476130865903593ea01e5e333e7
b79b335942b461648820e561ea78a6861765ae64b04fb533612f732a235951af
c25927112dc7ca38df38a5963748ba5a5bae499742833a45ab7fe1cf5964f101
c494c067821b858b35c2bfe41c74f26c36cedd38b56e4ca96ca0047983a399cb
c76bf67bf04f1dce84c26f67d1ee6bf7913108a3637b8b257f8508f9c0109507
c96390f803d0b39c6369100c217ba1d5c5902b4edd8c3707ea0a96a94be9b52a
d1839f521f2fd75f06e18d4fd2db1fc232fc93f3c8e9dcce359a9e32396075ba
dda0cc2008227035efb926856582fa93cf2a573e4bae2b2d99ba3a945f196345
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd52c526d8b27a390a8cbcc6d582f813e9c67e2eabd89e2271481df04e08243
f9d867181a54528a4a0ce0e7f6560020ea70a3a16ae6b160534520b25c2f2b57