urlscan.io logo urlscan.io
SecurityTrails logo

heard.workingsong.shop Open in urlscan Pro
172.67.191.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://heard.workingsong.shop/
Submission: On January 08 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 39 HTTP transactions. The main IP is 172.67.191.244, located in United States and belongs to CLOUDFLARENET, US. The main domain is heard.workingsong.shop.
TLS certificate: Issued by WE1 on December 12th 2024. Valid for: 3 months.
This is the only time heard.workingsong.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 172.67.191.244 13335 (CLOUDFLAR...)
1 2 2600:140b:a00... 20940 (AKAMAI-AS...)
7 172.64.154.222 13335 (CLOUDFLAR...)
2 2600:140b:1a0... 20940 (AKAMAI-AS...)
1 124.83.185.124 24572 (YAHOO-JP-...)
5 3.164.110.114 16509 (AMAZON-02)
3 104.251.228.15 140042 (IZEC-AS-A...)
1 118.123.207.195 38283 (CHINANET-...)
39 8
19    172.67.191.244 (United States)

ASN13335 (CLOUDFLARENET, US)
heard.workingsong.shop
2    2600:140b:a00:a::b81b:b9d7 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
tshop.r10s.jp
shop.r10s.jp
7    172.64.154.222 (None, )

ASN13335 (CLOUDFLARENET, US)
static.mercdn.net
2    2600:140b:1a00:38b::21ff (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ic4-a.wowma.net
1    124.83.185.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
PTR: edge2400.img.vip.snz.yimg.jp
auctions.c.yimg.jp
5    3.164.110.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-114.nrt12.r.cloudfront.net
img.fril.jp
3    104.251.228.15 (Tokyo, Japan)

ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK)
js.users.51.la
sdk.51.la
collect-v6.51.la
1    118.123.207.195 (China)

ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN)
ia.51.la
Apex Domain
Subdomains		 Transfer
19 workingsong.shop
heard.workingsong.shop
468 KB
7 mercdn.net
static.mercdn.net — Cisco Umbrella Rank: 205265
598 KB
5 fril.jp
img.fril.jp — Cisco Umbrella Rank: 722211
638 KB
4 51.la
js.users.51.la — Cisco Umbrella Rank: 163367
sdk.51.la — Cisco Umbrella Rank: 73455
ia.51.la — Cisco Umbrella Rank: 158554
collect-v6.51.la — Cisco Umbrella Rank: 78995
41 KB
2 wowma.net
ic4-a.wowma.net
43 KB
2 r10s.jp
tshop.r10s.jp — Cisco Umbrella Rank: 252799
shop.r10s.jp — Cisco Umbrella Rank: 475048
214 KB
1 yimg.jp
auctions.c.yimg.jp — Cisco Umbrella Rank: 312356
64 KB
39 7
Domain Requested by
19 heard.workingsong.shop heard.workingsong.shop
7 static.mercdn.net heard.workingsong.shop
5 img.fril.jp heard.workingsong.shop
2 ic4-a.wowma.net heard.workingsong.shop
1 collect-v6.51.la sdk.51.la
1 ia.51.la heard.workingsong.shop
1 sdk.51.la heard.workingsong.shop
1 js.users.51.la heard.workingsong.shop
1 auctions.c.yimg.jp heard.workingsong.shop
1 shop.r10s.jp heard.workingsong.shop
1 tshop.r10s.jp 1 redirects
39 11

This site contains no links.

Subject Issuer Validity Valid
workingsong.shop
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
*.mercdn.net
GlobalSign GCC R3 DV TLS CA 2020		 2024-05-10 -
2025-06-11		 a year crt.sh
*.wowma.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-22 -
2025-05-18		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-09-20 -
2025-10-19		 a year crt.sh
fril.jp
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-18		 a year crt.sh
*.users.51.la
GlobalSign RSA OV SSL CA 2018		 2024-03-19 -
2025-04-20		 a year crt.sh
*.51.la
GlobalSign RSA OV SSL CA 2018		 2024-03-19 -
2025-04-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://heard.workingsong.shop/
Frame ID: FCEF303F5661BF2A3CE2171CFE381709
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

通年定番・旅行・エレクトリックアコースティックギター・サッカー・プラモデル

Page Statistics

39
Requests

97 %
HTTPS

25 %
IPv6

7
Domains

11
Subdomains

8
IPs

4
Countries

2066 kB
Transfer

2172 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://tshop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg HTTP 302
  • https://shop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heard.workingsong.shop/ 		47 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9556234d3dac453d3f46b2babdb75b2f1484ec113cbe6e68cc2453fabd2a86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fe9545fde6fdffd-NRT
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 08 Jan 2025 04:09:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPRAAQJ%2FFdhU5NswOdoe%2FU%2BE86A2hIauemf4lwxP0lDWE9e0HZfYNPHK7t9CzSMgENTpeoggEUaaCDPlUj7wpM18PyiSYqZ%2FJizO5XAD1w%2BS%2BvP94lc2A145VgGIXlcc%2Bp2pE7uQ2GvP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1899&min_rtt=1243&rtt_var=937&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4236&recv_bytes=5739&delivery_rate=1029&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=339&x=1" cfExtPri cfHdrFlush;dur=0
vary
Cookie,Accept-Encoding
style.css
heard.workingsong.shop/static/css/ 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/static/css/style.css
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd52c526d8b27a390a8cbcc6d582f813e9c67e2eabd89e2271481df04e08243

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BD%2Fky3Ft84pjWOxrzofOCo%2FrnGRs9pTZQkAjMMzngFSUH0QsxRPPLuukdhP%2Bj6fJehHjV2y01aU1h51LBLVslxXQE%2F4AOxQ%2BZ5ZTkhQoxeEwqsIXuzH%2FfDhUGxm%2BO6tZW64xB8q5EYRr"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95461f83bdffd-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2806&min_rtt=1243&rtt_var=883&sent=47&recv=41&lost=0&retrans=0&sent_bytes=32096&recv_bytes=13590&delivery_rate=1363874&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=572&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
text/css; charset=utf8
vary
Cookie,Accept-Encoding
server
cloudflare
last-modified
Thu, 18 Jul 2024 09:37:22 GMT
priority
u=0,i=?0
cal.css
heard.workingsong.shop/static/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/static/css/cal.css
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZaTD%2FZTKtmdNox4fAb6ccpLIVXpSzbIgYZ5DQ2loyzSuolBaWOfLbfVYJMeRmEdzSy3tfqpIK5FPQVrGSwyRJer2128%2FHzwButPcbP8YiegjG%2FdHmGVd2g9w%2BQRe%2Brj54TPdtmPjzov"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95461f83ddffd-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2632&min_rtt=1243&rtt_var=590&sent=63&recv=44&lost=0&retrans=0&sent_bytes=49492&recv_bytes=13719&delivery_rate=1799688&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=583&x=1", cfExtPri, cfHdrFlush;dur=5
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Accept-Encoding
server
cloudflare
priority
u=0,i=?0
logo.png
heard.workingsong.shop/static/images/header/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/header/logo.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda0cc2008227035efb926856582fa93cf2a573e4bae2b2d99ba3a945f196345

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2F3lk9SiuSD33%2BmClUDzwiNN66vNDnf7b9Q3yHidq8G2HpHN6DEMoV5KycDlZruFE3GtUGHjuPAE3v7KTNg%2B1tTqvrSTYqew5GCIl05V90hNoWgOzosb75luWOnm%2BT87yNb%2BsDx5liC7"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95461f83edffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1802&min_rtt=1243&rtt_var=403&sent=30&recv=33&lost=0&retrans=0&sent_bytes=15300&recv_bytes=13246&delivery_rate=19403&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=536&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
4134
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:53:18 GMT
priority
u=2,i
Index_banner.png
heard.workingsong.shop/static/images/banner/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/Index_banner.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a368b6a6869bb443d0b437c2dd86108bebad9ae421ad6311383a1381df7c5769

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br9%2FYl1%2ByiHj2CSEV2PWWM5b5%2FHkp8nd841Y49rGBDHYPQpGsmXV75yMKwsSpxm8ibTwnmOYufxKk95KEueL0e83%2FGUrJip%2F3QhbtLxeBLwC6mjQ3BDGDC0oXa98yFFmEe3A5Hz33T1C"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95461f83fdffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2556&min_rtt=1243&rtt_var=1147&sent=142&recv=77&lost=0&retrans=0&sent_bytes=135206&recv_bytes=15175&delivery_rate=22099352&cwnd=37200&unsent_bytes=0&cid=b68924354cdd4563&ts=963&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
215763
date
Wed, 08 Jan 2025 04:09:01 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=2,i
leftIco.png
heard.workingsong.shop/static/images/left/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/left/leftIco.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea584d42c551f0b19d414e414413ba7d56e97cbb16b38df96c7f5bf2f1830dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fm12oiTKjiVETQ1ixqpYSjgNdcLHqxaxnIK0c4%2B5sRZnZl7yNOLHNwrk63l%2F9P8o8nGIvuAd1EIhlRd3li6SnCc0W9VvaKddNZteoT7JftVEi9yq4JumrvZBPS5abnRPecxdoxCBaUQl"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954622861dffd-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3471&min_rtt=1243&rtt_var=424&sent=107&recv=72&lost=0&retrans=0&sent_bytes=95454&recv_bytes=14952&delivery_rate=7211444&cwnd=37200&unsent_bytes=0&cid=b68924354cdd4563&ts=626&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Accept-Encoding
server
cloudflare
priority
u=2,i
leftbanner03.png
heard.workingsong.shop/static/images/left/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/left/leftbanner03.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67cfeb8467dd3a93b2b338f181bc841f76b4cbbaf8a74ad61bd6add28e88b275

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSox14mclBqFDwULvZD48xXppTlPBz%2BlGbGDklDsvU9xg8wgp2sIBpFV3Z5UjY1mmBE2Y985PWpBO4DfepfYdNtUm%2FDUni4o3nryMpvXb7mARDlzs8xEKXVvylZdah1qfkZ8KgfK8jil"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954622863dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2632&min_rtt=1243&rtt_var=590&sent=63&recv=44&lost=0&retrans=0&sent_bytes=49492&recv_bytes=13719&delivery_rate=1799688&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=586&x=1", cfExtPri, cfHdrFlush;dur=3
content-length
8359
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:50 GMT
priority
u=2,i
indexbanner03.png
heard.workingsong.shop/static/images/banner/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/indexbanner03.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba164b5f729a86a1781055c4eed9a48e649bd5f2b8dd22e72d84b9c91c922a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqwopufsqozr%2BhHbvY3BI8BoTgK401wOtEIxX8iDUuFQ2EiuHAhWCJQcV3kRwAcvj0%2BWkYfZ%2BL6vbxxBMoISH%2Fz9R765scWKC31RiO1B8Ri5Mda%2FxP4baiqWg59vtTIiY5L1Bn3vC7xX"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954622865dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3048&min_rtt=1243&rtt_var=995&sent=115&recv=74&lost=0&retrans=0&sent_bytes=103051&recv_bytes=15042&delivery_rate=795497&cwnd=37200&unsent_bytes=0&cid=b68924354cdd4563&ts=920&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
139183
date
Wed, 08 Jan 2025 04:09:01 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=2,i
imgrc0087664173.jpg
shop.r10s.jp/donguriano/cabinet/03795038/03795050/
Redirect Chain
  • https://tshop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg
  • https://shop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg
213 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Server
2600:140b:a00:a::b81b:b9d7 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
4af47e9528cce8e8863e9ed1f3549c4822690ce1845000b6e2f1cbb69bc3feba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
max-age=86342
access-control-expose-headers
x-cdn-served-from
etag
"660a4a2f-4a616"
x-cdn-served-from
Akamai
expires
Thu, 09 Jan 2025 04:08:02 GMT
accept-ranges
none
content-length
218452
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/webp
last-modified
Mon, 01 Apr 2024 05:46:23 GMT
server
nginx
vary
Origin

Redirect headers

cache-control
max-age=82800
location
https://shop.r10s.jp/donguriano/cabinet/03795038/03795050/imgrc0087664173.jpg
access-control-expose-headers
x-cdn-served-from
x-cdn-served-from
Akamai
expires
Thu, 09 Jan 2025 03:09:00 GMT
content-length
0
date
Wed, 08 Jan 2025 04:09:00 GMT
vary
Origin
server
AkamaiGHost
m78171425461_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m78171425461_1.jpg?1701922103
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bebef0b012fcee1221c55730d0a95dfe27a3a0fe0c55826a2da6aa51874c884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"EAIwnhMk9G4JOEVxZSIAAAAiNTM1OTFkNjA1MzhhMDkyZmIwMTY0MDhhNWMzN2U4NjAi"
age
156904
cf-cache-status
HIT
x-amz-version-id
FmrIOwyRzdbxKgojxHfuqzCq0am_zv72
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Thu, 07 Dec 2023 04:08:24 GMT
vary
Accept-Encoding
x-amz-id-2
gW0Ra0rP9iPfsAN/XyeHEyGyyQBvhx/I1UsFOehqHKiIGNBu6Hp6njgx6v88dQlHBEB2pDz3r50=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv124 (ATS [cMsSfW])
x-amz-request-id
XAJR6H5GZZM5HVK2
cf-ray
8fe9546289b934ed-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
031.jpg
ic4-a.wowma.net/mi/gr/135/img.hmv.co.jp/image/jacket/400/0000144/4/7/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic4-a.wowma.net/mi/gr/135/img.hmv.co.jp/image/jacket/400/0000144/4/7/031.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:140b:1a00:38b::21ff Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx/1.7.1 /
Resource Hash
418332654db10d5103ed3d613fb16a9cd54fb341d06a03c43d1ff2d2b4488eff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Cache-Control
max-age=43200
ETag
"84038778713da1:0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38441
Date
Wed, 08 Jan 2025 04:09:00 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 10 Nov 2023 03:39:10 GMT
Server
nginx/1.7.1
X-Upstream
23.35.113.103:80
i-img600x450-17231940469366obhrin63096.jpg
auctions.c.yimg.jp/images.auctions.yahoo.co.jp/image/dr000/auc0508/user/b718cf69864fa442c3793671e475273453fbcefd0d3463e51805d44b8d7f9f68/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auctions.c.yimg.jp/images.auctions.yahoo.co.jp/image/dr000/auc0508/user/b718cf69864fa442c3793671e475273453fbcefd0d3463e51805d44b8d7f9f68/i-img600x450-17231940469366obhrin63096.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
edge2400.img.vip.snz.yimg.jp
Software
nghttpx /
Resource Hash
ca030de61cc8a3de5a04b7c105c3f14909919467e7f6bce070a4e786d30d21da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
max-age=1209600, public
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
425560
x-content-type-options
nosniff
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
64880
date
Fri, 03 Jan 2025 05:56:20 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
server
nghttpx
x-frame-options
SAMEORIGIN
m78279982096_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m78279982096_1.jpg?1720248442
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb31b16a25760ab5858229425224ac2465ea851f1e0396a1dd983caed665569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"EDGMCsZdVCtye-iIZiIAAAAiMTM4OGQ3MmYyYWE1OGIxMDU4MmZkZTJmMjZkOGZmMTgi"
age
501668
cf-cache-status
HIT
x-amz-version-id
TG31ImQB_0cX34Ufjm3mSe1hruuvfnhk
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Sat, 06 Jul 2024 06:47:23 GMT
vary
Accept-Encoding
x-amz-id-2
3+CGSCrKXRmY/n7XmFx7MqRMwB+gLgMwsFzp1RNVmMlBGdzQRu0eALTQJWvNkEk1HBWpP4LNyck=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv111 (ATS [cMsSfW])
x-amz-request-id
T93T6EC5CCZ606HC
cf-ray
8fe9546289ba34ed-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
1-823-0648.jpg
ic4-a.wowma.net/mis/gr/135/image.wowma.jp/70798035/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic4-a.wowma.net/mis/gr/135/image.wowma.jp/70798035/1-823-0648.jpg
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:140b:1a00:38b::21ff Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx/1.7.1 /
Resource Hash
501cf1a9e932b3e28cae9b8aa8962af2764c427a3033a75b3245915ed17aae4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Content-Length
5592
ETag
"643d98e4-15d8"
Date
Wed, 08 Jan 2025 04:09:00 GMT
Content-Type
image/jpeg
Server
nginx/1.7.1
Connection
keep-alive
725392554.jpg
img.fril.jp/img/256178836/l/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/256178836/l/725392554.jpg?1567481518
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-114.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
b7a68a54ddc61cad6752f136ca8514aac6e2a817c77338bcd00a88be3d897739

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

ETag
"d3676c92a85d581f643d959cea58a77f"
x-amz-version-id
kB8oBtiOTO2EKR8utsuDeKJOnUwzTm2T
Connection
keep-alive
Via
1.1 495b2c01d1ffa830c505307f4f8075bc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
60397
X-Amz-Cf-Id
r1xoibLtMauAFF-GQcug3tLYw2mQOR57ZVh0-q1CFvWrFtIshbm97A==
Date
Wed, 08 Jan 2025 04:09:01 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 03 Sep 2019 03:32:00 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
Vary
Origin
1669548003.jpg
img.fril.jp/img/546992133/l/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/546992133/l/1669548003.jpg?1665407000
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-114.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
4a8bcd2c826c21606f422267ff72b0574b8315919d23aec7f3f3c789952a03c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"e7dbef832e02e14d08555ba4fddf0075"
x-amz-version-id
Q1Lzu1SVKBAP6kyQglHIzAvWSm4yNHDU
Connection
keep-alive
Via
1.1 495b2c01d1ffa830c505307f4f8075bc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
43350
X-Amz-Cf-Id
DUYaqg3DtpExKNa6ZHB7e5n6BuU9MDBmGui73epvz8bBPtWw0JPiVA==
Date
Wed, 08 Jan 2025 04:09:01 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 10 Oct 2022 13:03:21 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
indexbanner02.png
heard.workingsong.shop/static/images/banner/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/banner/indexbanner02.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2759709c42e93d4df9672b2e4485bedbabfad6a1711147b63ea34daeb35edcbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FEtfLKIzuRKE9Nc6GcFVxL%2FgJvyd63C1f0J1dmgn9YOfUiBEApVbCdZXpnahCBYHj9fycYWAXyuEHLw94JzT%2Bw2BJeN1rZgCUPKrrqDMbC2%2FvO%2FNIKkjFmwcQdvVr7zmJ31twR5pF8p"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95462286ddffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=4149&min_rtt=1243&rtt_var=947&sent=88&recv=62&lost=0&retrans=0&sent_bytes=74762&recv_bytes=14508&delivery_rate=1685803&cwnd=37200&unsent_bytes=0&cid=b68924354cdd4563&ts=599&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
19361
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:55:12 GMT
priority
u=3,i
m84647474143_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m84647474143_1.jpg?1704684401
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa7bbca8652fbfb2732f9c402521110f2177882efa083dcb65f49ae2713d746a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"ECNuPsB3NvNwcmubZSIAAAAiZmRiNTI3OGQzMThhNWQyMzkwN2FmNGUzNmVmZDlhZjEi"
x-amz-version-id
BDcBhWZIBfZbLaGTJagC5O3kJLBKEpW5
cf-cache-status
HIT
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Mon, 08 Jan 2024 03:26:42 GMT
vary
Accept-Encoding
x-amz-id-2
p4yyonVy0ORdK/pwq9bpUXgdbk20XVSGJaNTliB76DipTi/1KQqvRUBMApASXXImCAHzwXN08Dg=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv213 (ATS [cMsSfW])
x-amz-request-id
GQRJ6X084JYTRHEY
cf-ray
8fe95462fa0a34ed-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
2427145576.jpg
img.fril.jp/img/724074898/l/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/724074898/l/2427145576.jpg?1731379250
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-114.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
66c5c7dc06f239694dfde78ed426d741707933c7ffa47eb75499fc94e17f4318

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"e5d61cdbfd890a0464a507a9b8df0741"
x-amz-version-id
5IKMj2EdEYSO.NRn96M2g9FUh1fNyaE4
Connection
keep-alive
Via
1.1 3c3704d1d972509b35eb599b7ec5b18e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
222378
X-Amz-Cf-Id
ebwLK89wtqmzt1HIsPFuVYBTkCVxfbjeCjApTkDudcVFuYScXoDG7w==
Date
Wed, 08 Jan 2025 04:09:01 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 12 Nov 2024 02:41:41 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
m87627815215_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m87627815215_1.jpg?1669185967
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4cf35ae8a778f4021f11ece959189d20127b1f943f9ed382e82e54d20fe1d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"EBY9KrouHhPzsMF9YyIAAAAiNzE5NGFhNTkwMjFhZTUxMjE4YmU5M2U3ZmY3MmFjZmQi"
x-amz-version-id
idjRR3hcyBbXM1p4Ijwo7xrjFHm2PtGn
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Wed, 23 Nov 2022 06:46:08 GMT
vary
Accept-Encoding
x-amz-id-2
3iikVfAfKs/iBqGTaaNxuIsHzluMdPv5CzKhlaE198Nqw36OJVyQv0eVU6mie8YMgd8hDe8FZf4=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv212 (ATS [cHs f ])
x-amz-request-id
ECCQW3A59VASCM31
cf-ray
8fe95462fa0b34ed-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
60515
server
cloudflare
m43352759305_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m43352759305_1.jpg?1706656602
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b857cb3c8af3c722d8061d610aad6189b829a0dccbed147142c05e58ea2bd77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"ECTe_SUsXnruW4O5ZSIAAAAiZTIyMzllNzM4YzExZTcxZmU4NmMyODY5ZjY1NzJmNjMi"
x-amz-version-id
fjgFootsFOV_vqNLNDwNIMqIYtOOZz7I
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Tue, 30 Jan 2024 23:16:43 GMT
vary
Accept-Encoding
x-amz-id-2
cj5rtwEONPD0NyKDMbe2wcTaekAZRt1QkDeq7UlMdCny2og5lIljwvH+DK6o9lpBrH0U1yO6WCg=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv106 (ATS [cHs f ])
x-amz-request-id
WJPS5WPYYVTNDNYG
cf-ray
8fe95462fa0c34ed-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
86691
server
cloudflare
x-amz-server-side-encryption
AES256
m34690883930_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m34690883930_1.jpg?1703162794
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3913f8c3df8633bb7dd89d4c3555f819162dd8b7175aaa0d4648ec1a41e37100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-bgj
h2pri
etag
W/"EO4eVEvLZut-qzOEZSIAAAAiZDRhZWYwZWU3NDQzMDVkYjE3ZjEyNWY0YzFjYTA5ZGQi"
age
166952
cf-cache-status
HIT
x-amz-version-id
BQva82XVSBAsaWFXuAJ3Ttf.KE70o9kj
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Thu, 21 Dec 2023 12:46:35 GMT
vary
Accept-Encoding
x-amz-id-2
6hbj8VcNsROtP1EL38QRVfmOfYV3Z8POnPbai5pRg8osAcxnMtfkV8EtZ3FINKb0iJvzXyhvSPw=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv104 (ATS [cHs f ])
x-amz-request-id
Q57BNAP6RTREPQ9X
cf-ray
8fe95462fa0d34ed-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
106509
server
cloudflare
x-amz-server-side-encryption
AES256
m37826846226_1.jpg
static.mercdn.net/item/detail/orig/photos/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mercdn.net/item/detail/orig/photos/m37826846226_1.jpg?1701006732
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa63128bbfe47a3e47363a4898fe48fcacbaccaadc6f1ffbb77dd2ceb360bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cf-cache-status
MISS
etag
W/"ELStZDdglhSijU1jZSIAAAAiODM3M2ViMzUwNmI3NmIwMmViZTJkOTIwM2UwOWNkNDYi"
x-amz-version-id
1UYPk0BOuGVwb1h_8q8NC949eOT7ZVvM
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/jpeg
last-modified
Sun, 26 Nov 2023 13:52:13 GMT
vary
Accept-Encoding
x-amz-id-2
iXhfbWoDd8vzjwLJEGUFaPbydZ/SLcyB1JP8JZ9M5U0/q3GXQnfrBJqucSglUXcqGhkojG+Secw=
strict-transport-security
max-age=31536000
cache-control
max-age=315360000
via
http/1.1 rear.sv124 (ATS [cMsSfW])
x-amz-request-id
M3FN1BJZ41V88Y3C
cf-ray
8fe95462fa0f34ed-NRT
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
2415511245.jpg
img.fril.jp/img/721253429/l/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/721253429/l/2415511245.jpg?1730336231
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-114.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
bea300e50eebe812830824c633d9672bfe5636affb65f75b999da3426d56b431

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"b9d939f8c6481bcd731ec032551b4642"
x-amz-version-id
jcGmFwfQAESYcusbfUOC6ET.NhYzpEm3
Connection
keep-alive
Via
1.1 495b2c01d1ffa830c505307f4f8075bc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
193721
X-Amz-Cf-Id
fHMBIiV6geZ9-372oO4kFf5jjXfeWrAZ4hdWj9t82QJpZBVkaNXBvA==
Date
Wed, 08 Jan 2025 04:09:01 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 31 Oct 2024 00:57:13 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
1972085897.jpg
img.fril.jp/img/619228888/l/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fril.jp/img/619228888/l/1972085897.jpg?1689428512
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-114.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
8feee96d4f45327b4c3c6a9edf57d0e7e5ca6568728496d361e804176249c113

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

Vary
Origin
ETag
"efb0855efbc418bea400e0287083f654"
x-amz-version-id
foUrkZ.GM5DJDLPZPa5X7wJxJZtPXzzo
Connection
keep-alive
Via
1.1 d694eac03cd6dc48a34be10ef919bdd4.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
130409
X-Amz-Cf-Id
nmx2sGOEOh0QXMWTMG1XPv9TMpddjUuyK20uQ_sUwsjFZTAAEmPqZg==
Date
Wed, 08 Jan 2025 04:09:01 GMT
Content-Type
image/jpeg
Last-Modified
Sat, 15 Jul 2023 13:41:54 GMT
Server
CloudFront
X-Amz-Cf-Pop
NRT12-P2
x-amz-server-side-encryption
AES256
footer_guide_payment.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_payment.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519eb30b2b15e55a72d5a18e5a478c589dc4d600360e3575120553ceaba9e482

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG%2B9OYJHDyDlylPTW5OPa1zuypmqOk15uJnfvQBkb0nkicBzWQTcTj532Q%2FiHwKSgpSkKJDH5VYWoQ10xp5bTIkqq5xtNlpa2E9RwgbSvEYepPVyu5%2FyPGKRY%2BP6c5aiJP9qehTrG2wn"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623871dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2646&min_rtt=1243&rtt_var=982&sent=48&recv=42&lost=0&retrans=0&sent_bytes=32984&recv_bytes=13633&delivery_rate=300422&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=576&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1221
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:08 GMT
priority
u=3,i
payment_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/payment_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76bf67bf04f1dce84c26f67d1ee6bf7913108a3637b8b257f8508f9c0109507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aH0%2FxDTmKt5aSZR2I1ZAZjudzyhbmvK2E7pdWev0Z3Ybr0hxWhXNvXv9QSE4sAyXGMPl60iwhvcdRQHjOFgUH1SwXX0ien1AfQdlZuXomsuuvhtUqykIGoTmkFLxFwrmgKaquL5XUQFy"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623873dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3016&min_rtt=1243&rtt_var=877&sent=42&recv=39&lost=0&retrans=0&sent_bytes=27248&recv_bytes=13504&delivery_rate=343940&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=564&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1479
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_free.png
heard.workingsong.shop/static/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_free.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645f8b2a8efad74e8e26d53c1e9dde8f60b82da7205b417bed1e666692322b75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UmCTH%2FYFWRBruJQR%2FrqpNl8N9MH3yMMGUYRLO3%2B4eFzOPonTPGgfLpRfs7WRT2zuI%2BEg1KS%2FWhQbjbiC1RiD7KzBe3ztw2kcSoYR0TVfZ3v0FnD3Lzj2pRQd7eOz2q3xJEjeMpMvphc"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623874dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2840&min_rtt=1243&rtt_var=2028&sent=35&recv=35&lost=0&retrans=0&sent_bytes=20414&recv_bytes=13332&delivery_rate=772906&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=556&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
2069
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_privacypolicy.png
heard.workingsong.shop/static/images/footer/ 		621 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_privacypolicy.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1839f521f2fd75f06e18d4fd2db1fc232fc93f3c8e9dcce359a9e32396075ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knkYR3Ks9QTrhrTrcCgObK%2BIvicgBwfrWFCSupvajaa6VMS3Viz84J09msOyfHkvSE5lygwFSnO4837t5FeeZtF9EzljnGezG2AKaunZuYtclr9oqR7xvAy6s5CPUWzEYvjEtEBjBvdi"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623877dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2840&min_rtt=1243&rtt_var=2028&sent=38&recv=35&lost=0&retrans=0&sent_bytes=23419&recv_bytes=13332&delivery_rate=772906&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=558&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
621
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
privacy_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/privacy_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b6d93c5b64f89e3e054a1ef4e22bca1fb631bab384a123b8b198f3b280aa3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZnxdMB0EJeRDs%2F3pB7UQpxEjSFgjBhPjxfQK0i3vcdHnVfFn07o8Rk3IqoIO4yHnPTY%2FS0cfCMV4fK3OJYZESYbBGvpPAwFMKnPrdE86vyS11xa41IacYIrHMBz2VeG9TE8iYJzvMpV"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623878dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2646&min_rtt=1243&rtt_var=982&sent=50&recv=42&lost=0&retrans=0&sent_bytes=35113&recv_bytes=13633&delivery_rate=300422&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1472
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
footer_guide_exchange.png
heard.workingsong.shop/static/images/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/footer_guide_exchange.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79db50bcc987f4178c4a64143fad0b1967bb1e93646a326ef96a35588ba03855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0DnM%2FNLfRu5FXVfn6WEgGIK%2FN7k9BXBSmNrR6LlGyVlV%2BV5yLJ%2FSE2ydBJ9VbWbKqSlR4gPHCfhS5%2F3Nn7TnC1kM6F1MQSNCz9QX3HTt7HE433E8HzclJpFvJx9i4etLpt73t7VoGPR"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe954623879dffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2632&min_rtt=1243&rtt_var=590&sent=52&recv=44&lost=0&retrans=0&sent_bytes=37492&recv_bytes=13719&delivery_rate=1799688&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=580&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1756
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
exchange_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/exchange_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b235467e592b99c4a6a31dd2838d20f2d3ccd476130865903593ea01e5e333e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIfl%2FRaKtyflZ%2FORYBsrk%2FsBUgM7Ci22BiR0x9PYjqUX5fZBceEvhWMpSkfczNVbJ4u3xEUpTvIaN6y81l3n0YMCBd9hnKUpOAsP%2BqMFsD6QXZVYOvFklDtmMtSNurs61d6bVC3Ohuh2"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95462387adffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2840&min_rtt=1243&rtt_var=2028&sent=40&recv=35&lost=0&retrans=0&sent_bytes=24944&recv_bytes=13332&delivery_rate=772906&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=559&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1392
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
contact_form_btn.png
heard.workingsong.shop/static/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heard.workingsong.shop/static/images/footer/contact_form_btn.png
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3342f09cc69975a2294e7e630d252fdcf165e101537d5d9c4765f8f590c8971c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yi7w6%2Fylzh1cWF6%2B5XDgeFW%2FgzOM%2Fyws6%2FdC7siGCt4apw3JnaokVDWCeXEe7eHdfy0Had%2FUDGuXb1gmiIBJshJW7ntRNc03jIUaQdAPHKBK0blkmnSeAwkXdOsZvAPEaWc8%2FbnqtXAt"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95462387bdffd-NRT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2955&min_rtt=1243&rtt_var=779&sent=44&recv=40&lost=0&retrans=0&sent_bytes=29633&recv_bytes=13547&delivery_rate=939354&cwnd=12000&unsent_bytes=0&cid=b68924354cdd4563&ts=568&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
1524
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
image/png; charset=utf8
vary
Cookie, Accept-Encoding
server
cloudflare
last-modified
Wed, 17 Jul 2024 19:54:06 GMT
priority
u=3,i
email-decode.min.js
heard.workingsong.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675fc4cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWXX3wLXP5h4UDVehMX%2B2aSf3gwNFsrIejGDV3%2Bcu9AWan6wTfJQbTq6Df88WVYC5vCtl97h6ujZN8rrf%2FjissmIZejNPSP4jOrhjVwpqze7VMO%2Br0Ht20sC3b8EP6B%2FSXcX0XJxC5T0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8fe95462286adffd-NRT
expires
Fri, 10 Jan 2025 04:09:00 GMT
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
server
cloudflare
vary
Accept-Encoding
21939019.js
js.users.51.la/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/21939019.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.15 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
c96390f803d0b39c6369100c217ba1d5c5902b4edd8c3707ea0a96a94be9b52a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
EA-JPN-tokyo-EDGE4-CACHE4[89],EA-JPN-tokyo-EDGE4-CACHE4[ovl,85],EA-HKG-GLOBAL1-CACHE37[ovl,34]
access-control-allow-origin
*
x-ccdn-req-id-46b1
aa2377874525663b4ec262930b78c46b
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
application/javascript; charset=utf-8
server
openresty
access-control-allow-headers
Content-Type
js-sdk-pro.min.js
sdk.51.la/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.15 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
EA-JPN-tokyo-EDGE4-CACHE5[95],EA-JPN-tokyo-EDGE4-CACHE5[ovl,93],EA-HKG-GLOBAL1-CACHE44[ovl,36]
access-control-allow-origin
*
x-ccdn-req-id-46b1
f74c7e6b91004291108de05f35f00441
date
Wed, 08 Jan 2025 04:09:00 GMT
content-type
text/plain; charset=utf-8
server
openresty
go1
ia.51.la/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia.51.la/go1?id=21939019&rt=1736309340895&rl=1600*1200&lang=ja-JP&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB&ing=1&ekc=&sid=1736309340895&tt=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB%25E3%2583%25BC%25E3%2583%25BB%25E3%2583%2597%25E3%2583%25A9%25E3%2583%25A2%25E3%2583%2587%25E3%2583%25AB&kw=%25E9%2580%259A%25E5%25B9%25B4%25E5%25AE%259A%25E7%2595%25AA%25E3%2583%25BB%25E6%2597%2585%25E8%25A1%258C%25E3%2583%25BB%25E3%2582%25A8%25E3%2583%25AC%25E3%2582%25AF%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25A2%25E3%2582%25B3%25E3%2583%25BC%25E3%2582%25B9%25E3%2583%2586%25E3%2582%25A3%25E3%2583%2583%25E3%2582%25AF%25E3%2582%25AE%25E3%2582%25BF%25E3%2583%25BC%25E3%2583%25BB%25E3%2582%25B5%25E3%2583%2583%25E3%2582%25AB%25E3%2583%25BC%25E3%2583%25BB%25E3%2583%2597%25E3%2583%25A9%25E3%2583%25A2%25E3%2583%2587%25E3%2583%25AB&cu=https%253A%252F%252Fheard.workingsong.shop%252F&pu=
Requested by
Host: heard.workingsong.shop
URL: https://heard.workingsong.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
118.123.207.195 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

via
CHN-SCchengdu-AREACT1-CACHE12[27],CHN-SCchengdu-AREACT1-CACHE12[ovl,23],CHN-HAzhengzhou-GLOBAL3-CACHE65[ovl,1]
x-ccdn-req-id-46b1
64edbb04eb6fe5ba72ef2d2c914bef1b
content-length
0
date
Wed, 08 Jan 2025 04:09:01 GMT
server
nginx
collect
collect-v6.51.la/v6/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.15 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

via
EA-JPN-tokyo-EDGE4-CACHE5[85],EA-JPN-tokyo-EDGE4-CACHE5[ovl,83],EA-HKG-GLOBAL1-CACHE38[ovl,27]
access-control-allow-origin
https://heard.workingsong.shop
x-ccdn-req-id-46b1
f5ed10ea31f64305ee235e8b397fa715
content-length
0
date
Wed, 08 Jan 2025 04:09:01 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
favicon.ico
heard.workingsong.shop/static/ 		33 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://heard.workingsong.shop/static/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58bea4152397e4be17a50eaa85351280573a43b373e1572f186a3d41d2111a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://heard.workingsong.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPmIo3DWbwmFriFJARbYG8IKcvTEGIJ2aNRI0jslvfKSaNNnjMbmYMsGWdrUEVXNCMRsOvDr7rRWONpgrsO1co3W3n%2F8GTkqItxfLHV2VVO42U20eqGoCKg7PlKlU1zQbSx1k6TYV%2FWn"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe95468ded9dffd-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1633&min_rtt=1243&rtt_var=265&sent=424&recv=109&lost=0&retrans=0&sent_bytes=467755&recv_bytes=17378&delivery_rate=16583462&cwnd=37200&unsent_bytes=0&cid=b68924354cdd4563&ts=1656&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 08 Jan 2025 04:09:01 GMT
content-type
text/html; charset=utf-8
vary
Cookie, Accept-Encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| LA number| laWaitTime

10 Cookies

Domain/Path Name / Value
heard.workingsong.shop/ Name: session_id
Value: 819a8e1e-cd8d-4aeb-ad73-e0956989bb20
heard.workingsong.shop/ Name: csrf
Value: b6fbc417-42c2-468a-9b05-fbc9d0a4d38d
.static.mercdn.net/ Name: __cf_bm
Value: x8E2jF8hSpTLOtWeUwpJh2fneUJ5hFAO0NFBeBYQRyY-1736309340-1.0.1.1-qdI8w4g2ueJhpaI_cxB2y_Ius1SGud1GUsp4fLRykUVlqMG2aOJ5p2HNicyDQNrwr4HQM_9NeIfrr9q6KledWA
heard.workingsong.shop/ Name: __tins__21939019
Value: %7B%22sid%22%3A%201736309340895%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201736311140895%7D
heard.workingsong.shop/ Name: __51cke__
Value:
heard.workingsong.shop/ Name: __51laig__
Value: 1
heard.workingsong.shop/ Name: __vtins__KXmIJp5AAyqKt9gS
Value: %7B%22sid%22%3A%20%229bd44b7d-f6ed-584d-9803-145d067f71dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201736311140913%2C%20%22ct%22%3A%201736309340913%7D
heard.workingsong.shop/ Name: __51uvsct__KXmIJp5AAyqKt9gS
Value: 1
heard.workingsong.shop/ Name: __51vcke__KXmIJp5AAyqKt9gS
Value: 7717f539-9d81-5c2d-b800-36c16b8c1cf5
heard.workingsong.shop/ Name: __51vuft__KXmIJp5AAyqKt9gS
Value: 1736309340926

4 Console Messages

Source Level URL
Text
network error URL: https://ic4-a.wowma.net/mis/gr/135/image.wowma.jp/70798035/1-823-0648.jpg
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://heard.workingsong.shop/static/css/cal.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heard.workingsong.shop/static/images/left/leftIco.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heard.workingsong.shop/static/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auctions.c.yimg.jp
collect-v6.51.la
heard.workingsong.shop
ia.51.la
ic4-a.wowma.net
img.fril.jp
js.users.51.la
sdk.51.la
shop.r10s.jp
static.mercdn.net
tshop.r10s.jp
104.251.228.15
118.123.207.195
124.83.185.124
172.64.154.222
172.67.191.244
2600:140b:1a00:38b::21ff
2600:140b:a00:a::b81b:b9d7
3.164.110.114
0bebef0b012fcee1221c55730d0a95dfe27a3a0fe0c55826a2da6aa51874c884
22b6d93c5b64f89e3e054a1ef4e22bca1fb631bab384a123b8b198f3b280aa3c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2759709c42e93d4df9672b2e4485bedbabfad6a1711147b63ea34daeb35edcbd
2cb31b16a25760ab5858229425224ac2465ea851f1e0396a1dd983caed665569
3342f09cc69975a2294e7e630d252fdcf165e101537d5d9c4765f8f590c8971c
3913f8c3df8633bb7dd89d4c3555f819162dd8b7175aaa0d4648ec1a41e37100
418332654db10d5103ed3d613fb16a9cd54fb341d06a03c43d1ff2d2b4488eff
4a8bcd2c826c21606f422267ff72b0574b8315919d23aec7f3f3c789952a03c8
4af47e9528cce8e8863e9ed1f3549c4822690ce1845000b6e2f1cbb69bc3feba
501cf1a9e932b3e28cae9b8aa8962af2764c427a3033a75b3245915ed17aae4d
519eb30b2b15e55a72d5a18e5a478c589dc4d600360e3575120553ceaba9e482
5b857cb3c8af3c722d8061d610aad6189b829a0dccbed147142c05e58ea2bd77
645f8b2a8efad74e8e26d53c1e9dde8f60b82da7205b417bed1e666692322b75
66c5c7dc06f239694dfde78ed426d741707933c7ffa47eb75499fc94e17f4318
67cfeb8467dd3a93b2b338f181bc841f76b4cbbaf8a74ad61bd6add28e88b275
79db50bcc987f4178c4a64143fad0b1967bb1e93646a326ef96a35588ba03855
7ba164b5f729a86a1781055c4eed9a48e649bd5f2b8dd22e72d84b9c91c922a4
7ea584d42c551f0b19d414e414413ba7d56e97cbb16b38df96c7f5bf2f1830dc
8f4cf35ae8a778f4021f11ece959189d20127b1f943f9ed382e82e54d20fe1d1
8feee96d4f45327b4c3c6a9edf57d0e7e5ca6568728496d361e804176249c113
a368b6a6869bb443d0b437c2dd86108bebad9ae421ad6311383a1381df7c5769
aa7bbca8652fbfb2732f9c402521110f2177882efa083dcb65f49ae2713d746a
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
b235467e592b99c4a6a31dd2838d20f2d3ccd476130865903593ea01e5e333e7
b7a68a54ddc61cad6752f136ca8514aac6e2a817c77338bcd00a88be3d897739
bea300e50eebe812830824c633d9672bfe5636affb65f75b999da3426d56b431
c76bf67bf04f1dce84c26f67d1ee6bf7913108a3637b8b257f8508f9c0109507
c96390f803d0b39c6369100c217ba1d5c5902b4edd8c3707ea0a96a94be9b52a
ca030de61cc8a3de5a04b7c105c3f14909919467e7f6bce070a4e786d30d21da
cd9556234d3dac453d3f46b2babdb75b2f1484ec113cbe6e68cc2453fabd2a86
d1839f521f2fd75f06e18d4fd2db1fc232fc93f3c8e9dcce359a9e32396075ba
dda0cc2008227035efb926856582fa93cf2a573e4bae2b2d99ba3a945f196345
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58bea4152397e4be17a50eaa85351280573a43b373e1572f186a3d41d2111a0
ecd52c526d8b27a390a8cbcc6d582f813e9c67e2eabd89e2271481df04e08243
efa63128bbfe47a3e47363a4898fe48fcacbaccaadc6f1ffbb77dd2ceb360bb4