urlscan.io logo urlscan.io
SecurityTrails logo

amds.guodu56.site Open in urlscan Pro
2606:4700:3031::6815:2a76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://guaguagua.asia/
Effective URL: https://amds.guodu56.site/s/Njn9B
Submission: On November 26 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::6815:2a76, located in United States and belongs to CLOUDFLARENET, US. The main domain is amds.guodu56.site.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time amds.guodu56.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43.198.101.238 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
4 2a03:2880:f10... 32934 (FACEBOOK)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 43.152.183.30 139341 (ACE-AS-AP...)
14 5
2    43.198.101.238 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-198-101-238.ap-east-1.compute.amazonaws.com
guaguagua.asia
2    2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2606:4700:3031::6815:2a76 (United States)

ASN13335 (CLOUDFLARENET, US)
amds.guodu56.site
1    43.152.183.30 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
res.wx.qq.com
Apex Domain
Subdomains		 Transfer
5 guodu56.site
amds.guodu56.site
43 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
423 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
2 guaguagua.asia
guaguagua.asia
1003 B
1 qq.com
res.wx.qq.com — Cisco Umbrella Rank: 9948
1 KB
14 5
Domain Requested by
5 amds.guodu56.site guaguagua.asia
amds.guodu56.site
4 www.facebook.com guaguagua.asia
2 connect.facebook.net guaguagua.asia
connect.facebook.net
2 guaguagua.asia
1 res.wx.qq.com
14 5

This site contains no links.

Subject Issuer Validity Valid
eeaa.asia
R10		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-05 -
2024-12-04		 3 months crt.sh
guodu56.site
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
res.wx.qq.com
DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1		 2024-08-22 -
2025-09-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://amds.guodu56.site/s/Njn9B
Frame ID: EF32BE42BC96A2651D91F26D8DBA0528
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

温馨提示

Page URL History Show full URLs

  1. https://guaguagua.asia/ Page URL
  2. https://amds.guodu56.site/s/Njn9B Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

14
Requests

86 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

120 kB
Transfer

497 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://guaguagua.asia/ Page URL
  2. https://amds.guodu56.site/s/Njn9B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
guaguagua.asia/ 		1 KB
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://guaguagua.asia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.198.101.238 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-101-238.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c56192f82b7c300ddce85f6731c141d0c0636abf83a83fc54c70dbdf5ba58c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 26 Nov 2024 23:51:13 GMT
etag
W/"6731913c-43d"
last-modified
Mon, 11 Nov 2024 05:08:12 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-6IsK9w3X' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-6IsK9w3X' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=5684, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
V5GzsXVAZTExQzS7qx1sCyJa+FgruYQ8tq1jZ96iLqGJoUMr0t9Xyk3KToK9eWdN3M/gPcBcQZ4m29Y14OBygg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
491393860263831
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/491393860263831?v=2.9.176&r=stable&domain=guaguagua.asia&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
097d52ebe16d4f0b3ae4c9cf46aed0198dcbfd0c66d305b4e02c41d60472ba12
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-saRYKmks' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-saRYKmks' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=77, mss=1232, tbw=72104, tp=68, tpl=0, uplat=54, ullat=0
pragma
public
x-fb-debug
LLTqS5DqEmFysnU/PGeALlnNT0d9i2zlYXl4C+Ngnh6k42ZTJfd/UrSDV8iY/9nUbSQ/ila0Cx4KQVx3gbWrGg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=491393860263831&ev=PageView&dl=https%3A%2F%2Fguaguagua.asia%2F&rl=&if=false&ts=1732665074257&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732665074254.238424780491788576&ler=empty&cdl=API_unavailable&it=1732665074122&coo=false&rqm=GET
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=5828, tp=13, tpl=0, uplat=2, ullat=1
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=491393860263831&ev=PageView&dl=https%3A%2F%2Fguaguagua.asia%2F&rl=&if=false&ts=1732665074257&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732665074254.238424780491788576&ler=empty&cdl=API_unavailable&it=1732665074122&coo=false&rqm=FGET
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441739829254263238"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
UUIi33puiKb/wr88pAnX0U3ea9xWV14Fd+1jlWAm7XH/RwfFbd8k/wKOVNAW8HBD/e9ati31qgTxAc+TJoig0g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441739829254263238", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=24, mss=1232, tbw=6388, tp=18, tpl=0, uplat=77, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=491393860263831&ev=Purchase&dl=https%3A%2F%2Fguaguagua.asia%2F&rl=&if=false&ts=1732665074262&cd[content_ids]=%5B%22491393860263831%22%5D&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732665074254.238424780491788576&ler=empty&cdl=API_unavailable&it=1732665074122&coo=false&rqm=GET
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=6148, tp=15, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=491393860263831&ev=Purchase&dl=https%3A%2F%2Fguaguagua.asia%2F&rl=&if=false&ts=1732665074262&cd[content_ids]=%5B%22491393860263831%22%5D&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732665074254.238424780491788576&ler=empty&cdl=API_unavailable&it=1732665074122&coo=false&rqm=FGET
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441739827975216132"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 23:51:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
+ZZSv0bUV4kylsSINP+S+qzteeXQOXbjHFieFbgpUlkQ13WoLSPCIMZAQ3tmnyrZZVzMM6Uvw9RvIlwKATZxgw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441739827975216132", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=24, mss=1232, tbw=9572, tp=21, tpl=0, uplat=95, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
favicon.ico
guaguagua.asia/ 		148 B
228 B 		Other
General
Check archive.org
Download Go to
Full URL
https://guaguagua.asia/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.198.101.238 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-101-238.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guaguagua.asia/

Response headers

content-length
148
date
Tue, 26 Nov 2024 23:51:14 GMT
etag
"67317685-94"
content-type
text/html
server
nginx
Primary Request Njn9B
amds.guodu56.site/s/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amds.guodu56.site/s/Njn9B
Requested by
Host: guaguagua.asia
URL: https://guaguagua.asia/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.9
Resource Hash
547af0ac0eb6814d1a5964a72e4f4aa36ddd7f39365037de7e65a1a7e5d66dc7

Request headers

Referer
https://guaguagua.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e8dc910287d8cb1-EWR
content-encoding
zstd
content-type
text/html;charset=utf-8
date
Tue, 26 Nov 2024 23:51:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiuE7FYs5wu4aIJoBt98oX6gQgSYcwajqbPlw4hVb7pI9yN3MGXOmgtuBL2Kg8AS5dPdNHocBv8YWQ8ICywue1sSjljdpALoueobjUMk9dRPc%2FmvQ6M%2FSwU7FzpWcgwZ%2F77JsCDrLgYlESvifE8NYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=40574&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4194&recv_bytes=4448&delivery_rate=14456&cwnd=12000&unsent_bytes=0&cid=6168718695d12049&ts=267&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-powered-by
PHP/7.3.9
common.css
amds.guodu56.site/static/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amds.guodu56.site/static/css/common.css
Requested by
Host: amds.guodu56.site
URL: https://amds.guodu56.site/s/Njn9B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a65bc27a729bf675b346afabafa793b9b80fa149f7d38182e63f31334943bc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amds.guodu56.site/s/Njn9B

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
6306
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REGD%2BR3N1YDzwHbKiu6kBuhoJ5%2BrDdMoN4dtpFT%2Bf37p6zCTUwrUGKFFzE8LKMQCUJIZwVIeSQl2xiWUjWLNAkqzWExb4XkykgTDuxfnDUvJzHEejP1%2BawD8Q%2B%2F9TNS%2BhZbHHeoO7GORpKrHLkJcSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42864&sent=16&recv=17&lost=0&retrans=0&sent_bytes=5586&recv_bytes=5881&delivery_rate=21096&cwnd=12000&unsent_bytes=0&cid=6168718695d12049&ts=361&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 23:51:15 GMT
content-type
text/css
last-modified
Tue, 14 May 2024 02:18:48 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8dc91149dc8cb1-EWR
accept-ranges
bytes
content-length
1829
server
cloudflare
bootstrap.min.css
amds.guodu56.site/static/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amds.guodu56.site/static/css/bootstrap.min.css
Requested by
Host: amds.guodu56.site
URL: https://amds.guodu56.site/s/Njn9B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c225518ce04603012fcc95632c3d25b4a9c16ee02422b5b631a0b29a1f409d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amds.guodu56.site/s/Njn9B

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
6306
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oRnyPWomw3vJAPEeMQHkDys8SdSf%2By%2BmM85Scw8E%2BJiy2IUDPfGkT88KqnbN9g3z9ABiOrNfExfdoeosajjGT%2FG5bjLsVQcm8aZkrvg8UcJyDmv7O8oeXNErY1q5MVU2ZZ6L6%2BvpCYaq8wbhvgxyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42864&sent=19&recv=17&lost=0&retrans=0&sent_bytes=8155&recv_bytes=5881&delivery_rate=21096&cwnd=12000&unsent_bytes=0&cid=6168718695d12049&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 23:51:15 GMT
content-type
text/css
last-modified
Fri, 21 Jun 2024 15:34:40 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8dc91149de8cb1-EWR
accept-ranges
bytes
content-length
23627
server
cloudflare
qrcode.min.js
amds.guodu56.site/static/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amds.guodu56.site/static/js/qrcode.min.js
Requested by
Host: amds.guodu56.site
URL: https://amds.guodu56.site/s/Njn9B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amds.guodu56.site/s/Njn9B

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
6306
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJ8alA02P3ryRU9XfoNjH5n3MC%2FE06YqnrHnqKRIDFlFdBGouWO%2F5B9sH65IakReZBPHvy3gw9lZZLBuWUAwgdftwQnBfy%2B13B05AmUr9ixc8E1Qa%2BU0Efom7BeQPmMf7VUDaByhqERwoUwSMjCdfA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42864&sent=27&recv=17&lost=0&retrans=0&sent_bytes=17586&recv_bytes=5881&delivery_rate=21096&cwnd=12000&unsent_bytes=0&cid=6168718695d12049&ts=365&x=1", cfExtPri, cfHdrFlush;dur=38
date
Tue, 26 Nov 2024 23:51:15 GMT
content-type
application/javascript
last-modified
Tue, 14 May 2024 02:18:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8dc91149df8cb1-EWR
accept-ranges
bytes
content-length
7025
server
cloudflare
warn.png
amds.guodu56.site/static/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amds.guodu56.site/static/img/warn.png
Requested by
Host: amds.guodu56.site
URL: https://amds.guodu56.site/s/Njn9B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b9c81367eed214f05783d1beb9e9b12c14ad719fa4fad7be831e04cc9bd705

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amds.guodu56.site/s/Njn9B

Response headers

cf-cache-status
HIT
age
6306
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FAtMXGk25rrBbEXHBOzVTW30fBYidzZzgEQMyP9vL0PfgIpFYa4g5PwzVAS3NoBzxmfsnumi1wTj4dasswNy98jflFfFONnO9RDAEQlj%2FqHpUon4Xke90RnQabKi5ab8dXHya4ctVCSpmddauY9mA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42864&sent=27&recv=17&lost=0&retrans=0&sent_bytes=17586&recv_bytes=5881&delivery_rate=21096&cwnd=12000&unsent_bytes=0&cid=6168718695d12049&ts=363&x=1", cfExtPri, cfHdrFlush;dur=40
date
Tue, 26 Nov 2024 23:51:15 GMT
content-type
image/png
last-modified
Tue, 14 May 2024 02:18:48 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8dc91149e48cb1-EWR
accept-ranges
bytes
content-length
7657
server
cloudflare
NTI4MWU5.ico
res.wx.qq.com/a/wx_fed/assets/res/ 		827 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res.wx.qq.com/a/wx_fed/assets/res/NTI4MWU5.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.183.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
NWS_SSD_MID /
Resource Hash
a62d7d84bd02b1718106d294d1f2c8387f9967239696c1e8b446201b63f34dc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amds.guodu56.site/

Response headers

Vary
Origin
X-Daa-Tunnel
hop_count=1
Cache-Control
max-age=31536000
X-NWS-LOG-UUID
7466594371824248883
Connection
keep-alive
Expires
Thu, 28 Nov 2024 06:40:23 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
827
Date
Wed, 29 Nov 2023 06:40:23 GMT
X-Verify-Code
32ee83c5c2bbd1878f8315263fd98741
Last-Modified
Tue, 28 Aug 2018 07:48:15 GMT
Content-Type
image/x-icon
Server
NWS_SSD_MID
X-Cache-Lookup
Cache Hit

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| QRCode

1 Cookies

Domain/Path Name / Value
.guaguagua.asia/ Name: _fbp
Value: fb.1.1732665074254.238424780491788576

1 Console Messages

Source Level URL
Text
network error URL: https://guaguagua.asia/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000