app1.nrduqq.vip Open in urlscan Pro
45.158.56.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app1.nrduqq.vip/
Submission Tags: @phishunt_io
Submission: On July 22 via api (July 22nd 2023, 6:13:01 pm UTC) from DE — Scanned from SG

Summary HTTP 73 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 17 domains to perform 73 HTTP transactions. The main IP is 45.158.56.19, located in Singapore and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is app1.nrduqq.vip.
TLS certificate: Issued by R3 on July 22nd 2023. Valid for: 3 months.

This is the only time app1.nrduqq.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	45.158.56.19 45.158.56.19	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	103.10.200.74 103.10.200.74	45559 (QUZATECH-...) (QUZATECH-PH MCPO Box 1755)
2	20.239.55.122 20.239.55.122	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	43.154.82.13 43.154.82.13	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
4	45.158.56.119 45.158.56.119	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	119.28.19.156 119.28.19.156	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	65.52.166.103 65.52.166.103	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
73	8

57 45.158.56.19 (Singapore)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

app1.nrduqq.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.10.200.74 (Philippines)

ASN45559 (QUZATECH-PH MCPO Box 1755, PH)

www.hdhzwjpd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ahykznkj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.czlilin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.239.55.122 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.hfxnykj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yamanbuyi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.154.82.13 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.edouonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cqdsfwzx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.158.56.119 (Singapore)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.ldjgirn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.oiweyfh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.huanyangbz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.honghuibj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.28.19.156 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.yyxinfang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gdwancang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xachebang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.52.166.103 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.kasdfh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	nrduqq.vip app1.nrduqq.vip	2 MB
1	xachebang.com www.xachebang.com	388 B
1	honghuibj.com www.honghuibj.com	652 B
1	czlilin.com www.czlilin.com	434 B
1	cqdsfwzx.com www.cqdsfwzx.com	314 B
1	kasdfh.com www.kasdfh.com
1	huanyangbz.com www.huanyangbz.com	652 B
1	gdwancang.com www.gdwancang.com	389 B
1	ahykznkj.com www.ahykznkj.com	434 B
1	yyxinfang.com www.yyxinfang.com	388 B
1	oiweyfh.com www.oiweyfh.com	652 B
1	ldjgirn.com www.ldjgirn.com	652 B
1	edouonline.com www.edouonline.com	315 B
1	yamanbuyi.com www.yamanbuyi.com	314 B
1	hfxnykj.com www.hfxnykj.com	315 B
1	hdhzwjpd.com www.hdhzwjpd.com	434 B
0	bohaisp.com Failed www.bohaisp.com Failed
73	17

	Domain	Requested by
57	app1.nrduqq.vip	app1.nrduqq.vip
1	www.xachebang.com
1	www.honghuibj.com
1	www.czlilin.com
1	www.cqdsfwzx.com
1	www.kasdfh.com
1	www.huanyangbz.com
1	www.gdwancang.com
1	www.ahykznkj.com
1	www.yyxinfang.com
1	www.oiweyfh.com
1	www.ldjgirn.com
1	www.edouonline.com
1	www.yamanbuyi.com
1	www.hfxnykj.com
1	www.hdhzwjpd.com
0	www.bohaisp.com Failed
73	17

This site contains links to these domains. Also see Links.

Domain
www.hfxnykj.com
www.gdwancang.com
www.edouonline.com
www.cqdsfwzx.com
www.kasdfh.com
dl.softmgr.qq.com
dlie.sogoucdn.com
download.firefox.com.cn
www.xnpfstudio.vip
www.jdcfwealth.com

Subject Issuer	Validity	Valid
app1.nrduqq.vip R3	`2023-07-22` - `2023-10-20`	3 months	crt.sh
app5.ibtcae.vip R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
app2.tehfwc.vip R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
www.ldjgirn.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
www.oiweyfh.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
www.xachebang.com R3	`2023-07-22` - `2023-10-20`	3 months	crt.sh
www.huanyangbz.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
www.kasdfh.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
www.honghuibj.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app1.nrduqq.vip/
Frame ID: F122FDB140CD215A9E10CA41038F18A4
Requests: 99 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

启航娱乐-官方网站

Page Statistics

73
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

17
Subdomains

8
IPs

3
Countries

1709 kB
Transfer

4292 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hfxnykj.com/
Title: ● 线路03160ms

Search URL Search Domain Scan URL

URL: https://www.gdwancang.com/
Title: ● 线路10182ms

Search URL Search Domain Scan URL

URL: https://www.edouonline.com/
Title: ● 线路05216ms

Search URL Search Domain Scan URL

URL: https://www.cqdsfwzx.com/
Title: ● 线路13368ms

Search URL Search Domain Scan URL

URL: https://www.kasdfh.com/
Title: 手机客户端

Search URL Search Domain Scan URL

URL: http://www.kasdfh.com/guaji
Title: 挂机软件下载

Search URL Search Domain Scan URL

URL: https://dl.softmgr.qq.com/original/Browser/73.0.3683.86_chrome_installer.exe
Title: 谷歌浏览器

Search URL Search Domain Scan URL

URL: https://dlie.sogoucdn.com/se/sogou_explorer_8.5_0423.exe
Title: 搜狗浏览器

Search URL Search Domain Scan URL

URL: http://download.firefox.com.cn/releases-sha2/stub/official/zh-CN/Firefox-latest.exe
Title: 火狐浏览器

Search URL Search Domain Scan URL

URL: https://www.xnpfstudio.vip/

Search URL Search Domain Scan URL

URL: https://www.jdcfwealth.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
26 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app1.nrduqq.vip/ 15 KB
9 KB 289ms
188ms Document
text/html 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

b0dbee68ffbd4fb656b119e9c472e2daf5ed3bf3f129db796746df7814573fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
access-control-max-age: 86400
cache-control: private private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 18:12:53 GMT
server: ****
vary: Accept-Encoding
x-cache: BYPASS
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-request-id: 2642a1fb3696c9f1f988503233bc484a

GET
H2 200 2.3e62b7919928ec5d52bd.css
app1.nrduqq.vip/webx/styles/ 6 KB
2 KB 113ms
112ms Stylesheet
text/css 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/webx/styles/2.3e62b7919928ec5d52bd.css?v=20.05.21.24185

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

bacb0526c607bcae3f21eab3c7f04be290c3bca23908c63a7d157c82dfddc9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 28 Jun 2023 04:27:12 GMT
server: ****
etag: W/"649bb6a0-186b"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: e8e641cd8fbddc85fd6e9f4688ea0506
expires: Sat, 29 Jul 2023 18:12:53 GMT

GET
H2 200 index.3e62.css
app1.nrduqq.vip/webx/styles/ 625 KB
172 KB 74ms
74ms Stylesheet
text/css 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

3cb3cd5e8482c9461e9cce0d30d8159e1aa62522c76c2c6e49da0c83253c9121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 28 Jun 2023 04:27:12 GMT
server: ****
etag: W/"649bb6a0-9c58d"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: 12e5edee2f4557d1a4fc7f66d17789dc
expires: Sat, 29 Jul 2023 18:12:53 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a593a5189c0fda13e22ad82d74fa5d79e284c36f43d772a5646b7c5d6e5ee11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chunk.vendor.8d22.js Show response
app1.nrduqq.vip/webx/javascript/ 573 KB
182 KB 98ms
98ms Script
application/javascript 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/webx/javascript/chunk.vendor.8d22.js?v=20.05.21.24185

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2cff1ab4d2a0b4fd0c3eae185b8c7d24352c00aa3c075473fbb3717a8af80979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 18 Mar 2023 10:09:43 GMT
server: ****
etag: W/"64158de7-8f231"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: 4294266148479cf39d69eefdbfe8d98d
expires: Sat, 29 Jul 2023 18:12:53 GMT

GET
H2 200 index.3e62.js Show response
app1.nrduqq.vip/webx/javascript/ 626 KB
153 KB 39ms
39ms Script
application/javascript 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

0e715323b263df0747f55a1043225ba6271490f0e98ec1cc79191c7a989e0a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 28 Jun 2023 04:27:12 GMT
server: ****
etag: W/"649bb6a0-9c8f7"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: 11685b05c0f8258cadf1130c888b0a14
expires: Sat, 29 Jul 2023 18:12:53 GMT

GET
H2 200 skin-img01.dc43.jpg
app1.nrduqq.vip/webx/images/ 60 KB
20 KB 54ms
54ms Image
image/jpeg 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/skin-img01.dc43.jpg

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

25ab1c0d64ec61da6d0c368f61e5b3e9344183ba2a8b94dbdbae1e0ff0cf6f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: W/"6386e1ee-ee54"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: c07a33cf623c37721f1b8caf0edf7890
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 / Show response
app1.nrduqq.vip/api/settings/ 683 B
928 B 130ms
129ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/settings/?fields=customer_service_url,app_download_url,public_key
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: 20038a513bd5dca09a119f287ce4d6a75b739fccdcc36b9f0ff0ff39b388168c

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: cb14c4171964fc078aa159d3b9f3c8b8
x-runtime: 0.032
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 logout Show response
app1.nrduqq.vip/api/auth/ 71 B
549 B 195ms
194ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/auth/logout
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: 46bc7a738d04b657afe222a9e022630e1c0732302e1ac7d5206efef968fe1e4e

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 7457c1fa8ddc0f28dca0f1f3ffea46e0
x-runtime: 0.031
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 chunk.7.8370.js Show response
app1.nrduqq.vip/webx/javascript/ 1 MB
99 KB 39ms
39ms Script
application/javascript 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/webx/javascript/chunk.7.8370.js

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

12018289f92e6024e3abe7b2e3b6e8bbacb078d191f7a4774d6bcea0c81b7149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:18 GMT
server: ****
etag: W/"6386e1fa-144890"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: 534b3801c9c3c33283e91d5546e1bdb7
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/pt/ 82 B
562 B 155ms
155ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/pt/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: f13b82b6154f33bcdf3c9fa9a6fb565c
x-runtime: 0.022
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/ag/ 82 B
563 B 109ms
109ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/ag/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: ddc54671735b6b2bd3b2465b65dfd3a9
x-runtime: 0.025
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/bbin/ 82 B
562 B 158ms
158ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/bbin/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: b17dcd07228bf58f35dd35ab607f5f61
x-runtime: 0.021
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/xy/ 82 B
562 B 154ms
154ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/xy/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 358c04a3f25bc1803a777dd9eaf91011
x-runtime: 0.020
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/kgame/ 82 B
562 B 206ms
206ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/kgame/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 9536540663661475ee1d879c9de8cd9e
x-runtime: 0.031
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/ibc/ 82 B
562 B 158ms
158ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/ibc/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 293821b64b9917c34cf01081b50668df
x-runtime: 0.026
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/obg/ 82 B
562 B 196ms
195ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/obg/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: acc569497fcd72eef3d9b9e57605a794
x-runtime: 0.020
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/bti/ 82 B
562 B 152ms
152ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/bti/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 0a3b9c4585608076067e001469e4c1cf
x-runtime: 0.019
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/game/au/ 82 B
561 B 202ms
202ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/au/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: d260ff5d7dd2050121bb6acc3c11aa48
x-runtime: 0.021
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 balance Show response
app1.nrduqq.vip/api/account/ 82 B
562 B 155ms
155ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/account/balance
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: ae7d27b4a96ad1b34f2cd402d7f30e6b
x-runtime: 0.024
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 list Show response
app1.nrduqq.vip/api/notice/ 82 B
562 B 202ms
202ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/notice/list?page=1&per_page=10&sort=-istop,-sendtime
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: a20ef5c5ba383fb7f7ec03946e512c90
x-runtime: 0.027
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 banners Show response
app1.nrduqq.vip/api/ads/1/ 69 B
547 B 189ms
189ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/ads/1/banners?limit=20
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: 02dd96a084f67d19bd1b0d3023c1533ae78f5c033914458ba0819f757dad3e6e

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: cbad28bd260b262c0f4e74c3231b8b42
x-runtime: 0.053
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 winners Show response
app1.nrduqq.vip/api/user/ 82 B
561 B 200ms
200ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/user/winners
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 1e06a408061aaf58e911e6ed49fc62be
x-runtime: 0.022
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 list Show response
app1.nrduqq.vip/api/game/ 82 B
562 B 159ms
159ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/game/list?per_page=50&platform_id=1&cate_id=&page=1&is_hot=1
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 140310f5b83a355de6c629ecae267718
x-runtime: 0.023
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 getusertask Show response
app1.nrduqq.vip/default/ 900 B
913 B 192ms
189ms Fetch
text/html 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://app1.nrduqq.vip/default/getusertask?1=1&client=m

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

0950c04beca2a984ff60abd1950d077a32f5dc0546b63ccba2da6fe5cd474983

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ****
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: BYPASS
cache-control: private, private
access-control-allow-headers: api_type, api_version, authorization, content-type
x-request-id: 337c41300720b70950c75e043485a1cd

GET
H2 200 AG.db6e.png
app1.nrduqq.vip/webx/images/ 12 KB
13 KB 76ms
73ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/AG.db6e.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

ab86b0e2b693c19b08f4ee80c846bdfd1175dcb10be2f41109def79f45f035ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-3176"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 12662
x-xss-protection: 1
x-request-id: e3fcda80d6165af4fd28a00577ab67b9
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 PT.7645.png
app1.nrduqq.vip/webx/images/ 13 KB
14 KB 100ms
97ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/PT.7645.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

a5e28359b0a189e0eb3463cd1296bf2335a577abd8e2b3f346ee8e58dfd3391a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-3586"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 13702
x-xss-protection: 1
x-request-id: f413beed48c790a8d7e7b88c02afd624
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 BBIN.e220.png
app1.nrduqq.vip/webx/images/ 12 KB
12 KB 80ms
78ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/BBIN.e220.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

40f4de9be8e96b030fe009e8d040d312c0b6f21556a6d69e729bedf01f65e8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-2ffc"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 12284
x-xss-protection: 1
x-request-id: 171d59886c08de649d3823212507acfc
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 IBC.5171.png
app1.nrduqq.vip/webx/images/ 13 KB
13 KB 105ms
103ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/IBC.5171.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

dffba71dfd5c2b216b2ba4f2d72e5bca52c02e402d1870f81ad639c2ee26773b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-32cf"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 13007
x-xss-protection: 1
x-request-id: 05e3b07f99e4158270329a24e394b594
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 kgame.3c6b.png
app1.nrduqq.vip/webx/images/ 41 KB
41 KB 79ms
77ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/kgame.3c6b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2f5f130ee69ed30eee9741abd3f178b5eb555e92ab2c9f969d54d9703e4fe028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-a37e"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 41854
x-xss-protection: 1
x-request-id: bf588b272fa4489aef2f5fefc993285f
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 live.a145.png
app1.nrduqq.vip/webx/images/ 99 KB
99 KB 104ms
102ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/live.a145.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

1932c8122c3c12a3da2d603872a7f4f740a495c08a9f43f3d51ec20bf6eb9910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-18aaf"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 101039
x-xss-protection: 1
x-request-id: fdf937be098ba934fa18e67e7522c958
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 sports.c181.png
app1.nrduqq.vip/webx/images/ 110 KB
110 KB 79ms
77ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/sports.c181.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

71e13bc0b0e725fc3a06ffdabb293ae3df9c58821e2f1d2fd7001f31aee87a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-1b6a6"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 112294
x-xss-protection: 1
x-request-id: 11b1aa0b47ae3627387e7a0a63166dc0
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 chess.7f04.png
app1.nrduqq.vip/webx/images/ 105 KB
106 KB 103ms
102ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/chess.7f04.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

1d566a692a8264b6429cf403e5d4241e1b7801cd850f168d674cda98abe27386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-1a5e7"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 108007
x-xss-protection: 1
x-request-id: 0165d47f5b91600e842eff955370b346
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 footer-img.01d8.png
app1.nrduqq.vip/webx/images/ 15 KB
15 KB 82ms
81ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/footer-img.01d8.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

f531cb2cf1d2d60a2d8679a39609206956d3d08fc6344bee2956afe3712410dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-3ba9"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 15273
x-xss-protection: 1
x-request-id: bd55d3a7b2dd4dd933ce23bb9c4671d5
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca33a430e1a10010bcd922697c8494b5f7ca8a43f82ccf08c669d856f5c23cc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7498a225238349d73c16ad9d6eb467d0f68457d7559b089f3614ed9b09659e58

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9482a55b00ef8e16a2c1851e22b9794346d693c13fa1f17bc99f4d6dd52edf60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0798e4a79f171c236c13f186aea3c4564fc08c2e914f99f36000536039a8a627

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfbd9964cd93ff75358f82f03c4cb75d25578e7e7c46aad3d061aec7a8bd5fbd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7cdbfa8c53f1467acf66b08098c92554a691edc0c24bd1b9dc996a9b331c2a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 800 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37c7d0e9b648a94d9646a99852cb80a6bfbd3a9e6cb6cd984d7c2312454750b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 home-bg.9da6.jpg
app1.nrduqq.vip/webx/images/ 49 KB
44 KB 55ms
55ms Image
image/jpeg 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/home-bg.9da6.jpg

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

8cdbc17852a018d4b9a9ed9cd7a309cc7c7956a667ac530f65814f46a5cf5df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: W/"6386e1ed-c2ec"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: b2649cdb5d0a3886a97060cae5c4bb90
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0da7908efbd9ee5bce7d1464ec2b9fe76178113de199b1a185421eab4426f89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1ac8e2c3de97916c27fa5aeb027d03ef0610ce35af71ae3bd32528b730ea3d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recommend_bg.5528.png
app1.nrduqq.vip/webx/images/ 20 KB
20 KB 39ms
39ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/recommend_bg.5528.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

a0c9b2c68dc31ebe6dd2bf8af090967db75679bbd767530cea2fe09e38fec38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-4eb8"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 20152
x-xss-protection: 1
x-request-id: 7ca74c5c39855586d25b978000b9ff65
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8d923a092607e2e8cff6916a5926509244ed44d7321d5c909ba7fd9d4cc4d41

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hn1fc.77d9.png
app1.nrduqq.vip/webx/images/ 4 KB
4 KB 63ms
63ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/hn1fc.77d9.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

7e1ea3b1b9ae537ecb31e2d30825164ed4b85b09653b43b5c7dbd6933b3ac817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-10cc"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4300
x-xss-protection: 1
x-request-id: c2eb0765983d94dd96feb0d5ab412e87
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d2ac6309b3582ef0d642624ae5ca6fbcedecd245ee05877184672252a2ec53a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hot_bg.da38.png
app1.nrduqq.vip/webx/images/ 23 KB
24 KB 43ms
43ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/hot_bg.da38.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

21e2880c5796ee9ca0519bdd3a7c97b928270125bae61336240e31c62b961140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-5cf2"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 23794
x-xss-protection: 1
x-request-id: f7d6a65355a31b26bf491cc8c4aa7259
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 241bbf33cc325fcd70144c816ab89f1996d3a903e125567744279d1216f2ddec

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hn.9bbb.png
app1.nrduqq.vip/webx/images/ 4 KB
5 KB 55ms
54ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/hn.9bbb.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

4553fcc827a78609a9e133b5a7c7bc4dd2dcc461fe975740523614f71c1542fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-1122"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4386
x-xss-protection: 1
x-request-id: a975fa6548f6d78f4cb49c0196b6b9e1
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 tx.c226.png
app1.nrduqq.vip/webx/images/ 5 KB
5 KB 44ms
43ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/tx.c226.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

59a75ef1127154ab8350ad9e8d76e6e77287389f3b3bb006273dc587721dd5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-1268"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4712
x-xss-protection: 1
x-request-id: a83bb7311d18cea781a87201cb11b914
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 jnd.2de3.png
app1.nrduqq.vip/webx/images/ 5 KB
5 KB 53ms
52ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/jnd.2de3.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

8cd89e03f80adebe7382c0e93e3114920358d7c746db03ab640880904891275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-1211"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4625
x-xss-protection: 1
x-request-id: eb25db34116ccfdcd99c9f4f6ec3e8e9
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 rd1fc.0712.png
app1.nrduqq.vip/webx/images/ 4 KB
5 KB 43ms
42ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/rd1fc.0712.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

7f85bde8aa73da1773e7c61931b4c2af29ca6b7050d54b327828b010c59c7624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-10ed"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4333
x-xss-protection: 1
x-request-id: 8810d174b6ca95752a81cd61a2515b75
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf94d67053b64328140b3d9e66ef73e0251fb81c81c0da440519ecf80b357d7c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 094e1a50281ffb589485c782276749f84457012f739ae3a0051d8bcb97823085

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 430 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da976784053380ce347e0a9cef6d3da8cf214b783125a9deccbdc8ceec276f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sideMenu.7231.png
app1.nrduqq.vip/webx/images/ 6 KB
6 KB 110ms
109ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/sideMenu.7231.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

c522ee230bb8a1579ef52fb7716802773a5b24d2ed2084bed0095ac45a8c0572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-172c"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 5932
x-xss-protection: 1
x-request-id: 677df952eab6b21632beb12fbd60f51a
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c99d151cb8dc1e7ddf5ff696933870ec82d1274c87851cce9a4083fef283089

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 manycai.f44a.png
app1.nrduqq.vip/webx/images/ 14 KB
14 KB 45ms
43ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/manycai.f44a.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

9d166d1f1dfaee2e56bab5255f80cbbbe2e9593833bbf2f8995dffb65bfaf101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-3668"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 13928
x-xss-protection: 1
x-request-id: b39a885180f48968f8a9ce3b0bf2eb6d
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 pc-sidebar%E2%80%93NX.49b4.png
app1.nrduqq.vip/webx/images/ 14 KB
15 KB 102ms
100ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/pc-sidebar%E2%80%93NX.49b4.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

952354ec3339806cfcc8b93c1d25c522d929be7e613233e212be9f9137c06424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-39cf"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 14799
x-xss-protection: 1
x-request-id: 290c7478947b5f9038de5645b64da1fa
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 pc-sidebar%E2%80%93JD.050e.png
app1.nrduqq.vip/webx/images/ 12 KB
12 KB 43ms
42ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/pc-sidebar%E2%80%93JD.050e.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

499ddd932fea0e6678988b0880afc3d0259244111822e4fe9fcb1d18ca2633ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-3005"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 12293
x-xss-protection: 1
x-request-id: d87e06d1ae3dcf489e0ee7e2d9a5f3eb
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 kgame.28ca.png
app1.nrduqq.vip/webx/images/ 16 KB
17 KB 101ms
100ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/kgame.28ca.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

03b428e76f4d04d4835a931341423df280cf15e3f37a3a6a576fc3a9bcb6702a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-4119"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 16665
x-xss-protection: 1
x-request-id: 750258cb2d281f039e3cef1c755f62c5
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 speedtests Show response
app1.nrduqq.vip/api/domain/ 466 B
716 B 130ms
130ms Fetch
application/json 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://app1.nrduqq.vip/api/domain/speedtests?collection=12&limit=50
Requested by: Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/javascript/index.3e62.js?v=20.05.21.24185
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: **** /
Resource Hash: e1e3f3e4a361369957cd88e7a84e3c68e5b8c14d41d1598a66a843d7d228d4f0

Request headers

Referer: https://app1.nrduqq.vip/
accept-language: zh-SG,zh;q=0.9
Source: 1
Authorization: bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
content-encoding: gzip
x-cache: BYPASS
x-request-id: 8be4d8a2cb112e48333eea5963dc699b
x-runtime: 0.038
server: ****
vary: Accept-Encoding
x-ratelimit-remaining: 999
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 1000
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source

GET
H2 200 sidebar_con_xclogo.6fd5.png
app1.nrduqq.vip/webx/images/ 5 KB
5 KB 52ms
51ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/sidebar_con_xclogo.6fd5.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

5eba586b54ab24c304d4ab5cdbb35bde1d998296484c41f217d54f3683427aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:06 GMT
server: ****
etag: "6386e1ee-139b"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 5019
x-xss-protection: 1
x-request-id: 7b0578a870be17c867faaeac64a9e8c8
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 logos.999b.png
app1.nrduqq.vip/webx/images/ 14 KB
14 KB 40ms
39ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/logos.999b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

d324edb54e0dfb01f090e656a2a382a74ecbf63fda4f584c2d67577b3dd39d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-37de"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 14302
x-xss-protection: 1
x-request-id: e6104ccc209beca283aeb927ff878f49
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 QH-pc-XN.a8dd.png
app1.nrduqq.vip/webx/images/ 92 KB
92 KB 55ms
54ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/QH-pc-XN.a8dd.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

527bd6a3d8af95f0c84ce7cae8786d1e3a5519d3c2de09c57bd927e23174d3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-16fea"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 94186
x-xss-protection: 1
x-request-id: 5eb2d35c6a2d8b8329632cb94b2b14df
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 QH-pc-JD.7585.png
app1.nrduqq.vip/webx/images/ 62 KB
62 KB 51ms
51ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/QH-pc-JD.7585.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

d3791a230ef43b32e6135a7eb801b13cb731bc95fb26df54efe9e805d5303e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: "6386e1ec-f710"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 63248
x-xss-protection: 1
x-request-id: eec7fa211d595d13e7c64f05f17aeb25
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 bj.a388.jpg
app1.nrduqq.vip/webx/images/ 221 KB
219 KB 55ms
54ms Image
image/jpeg 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/bj.a388.jpg

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

dcfeb47fdd2df6c72818d3aabd15397e30aed72f2b6cf51df3e8a4f28e3f822a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 04:54:04 GMT
server: ****
etag: W/"6386e1ec-3730c"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=1800
x-xss-protection: 1
x-request-id: a161cbeed892caa9995aae837ad91d53
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 bj_dengluye1.5a86.png
app1.nrduqq.vip/webx/images/ 29 KB
29 KB 50ms
50ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/bj_dengluye1.5a86.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

59ceb8448ae85233a430e1b133a86d98f82b34831accaf1b51735acf5dec3266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-736a"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 29546
x-xss-protection: 1
x-request-id: cbd5b4d8715fd36acd095fe15ba1a1b9
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 logo_dengluye.e512.png
app1.nrduqq.vip/webx/images/ 7 KB
7 KB 60ms
59ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/logo_dengluye.e512.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

09ae649d919415cf5428b16200158964d27bbd750afdb13c416d43226e480ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-1c02"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 7170
x-xss-protection: 1
x-request-id: 97332cc87a276a63561c7ae7431abeda
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b68787affaa45fbf70481e5db34783ce868c2851a840b07c3569aa8c5c8c911e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74061da66d8c3431512e160742c8e0b79c6b0516b0e7e90815d9ad41115d4729

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92be8090be7e20ff97ebbeb12de341d8ef6a24c42c1329b466c29095c1482617

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7545b88d57d4b1af51de9eae674d1791ccb45b9aa107144979315761503f27c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dl.2e84.png
app1.nrduqq.vip/webx/images/ 21 KB
21 KB 47ms
47ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/dl.2e84.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

5eb9837191a619a3e984cdb30f72c23c830940191dd8491bf7ac8074e07b9395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-53f7"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21495
x-xss-protection: 1
x-request-id: c477eac6a746721ef41bbc6bcfd09d51
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
H2 200 bj_dengluye2.a103.png
app1.nrduqq.vip/webx/images/ 5 KB
6 KB 54ms
54ms Image
image/png 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/webx/images/bj_dengluye2.a103.png

Requested by

Host: app1.nrduqq.vip
URL: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2dfc0aa3ece5094135da61019ffc0bdb987e4df19f88ced7ffd9bcd122ffcd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/webx/styles/index.3e62.css?v=20.05.21.24185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Wed, 30 Nov 2022 04:54:05 GMT
server: ****
etag: "6386e1ed-15fe"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 5630
x-xss-protection: 1
x-request-id: e71e8623ae10e7518787b301cee20c3e
expires: Sat, 29 Jul 2023 18:12:54 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0677003869fbf7a66f29e981f9f99b4c2f6adee7f4db0b0f10537d5ebef84bde

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8609bfe674772d5b468b2e016c45f56871ad25a818e05c86ae129e4b6b5e00

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9dcf29d47330f0459990818a2a7a4a99e7cc4b9817a300df542de83f5ac0f0e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1df9d70bd3e4c52325d66ddd63e4d75b233215f5ae411888cc524fa0f7985006

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79457cdd8a672773f6e6d6b88519e6f34fdf61e4dd35cc7bce8c97073b939c69

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 point.bmp
app1.nrduqq.vip/ 68 B
375 B 97ms
93ms Image
image/x-ms-bmp 45.158.56.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app1.nrduqq.vip/point.bmp?r=451520

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.19 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: ****
etag: "627f43d0-44"
x-cache: MISS
content-type: image/x-ms-bmp
cache-control: max-age=1800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
x-request-id: 80e74e7ccffe2498e6f7e569def90134
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET point.bmp
www.bohaisp.com/ 0
0

GET
H/1.1 200
OK point.bmp
www.hdhzwjpd.com/ 68 B
434 B 436ms
268ms Image
image/x-ms-bmp 103.10.200.74
QUZATECH-PH MCPO ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hdhzwjpd.com/point.bmp?r=32044

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

103.10.200.74 , Philippines, ASN45559 (QUZATECH-PH MCPO Box 1755, PH),

Reverse DNS

Software

2.0.0 /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: 2.0.0
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.hfxnykj.com/ 68 B
315 B 158ms
78ms Image
image/x-ms-bmp 20.239.55.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hfxnykj.com/point.bmp?r=754711

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.239.55.122 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.yamanbuyi.com/ 68 B
314 B 252ms
95ms Image
image/x-ms-bmp 20.239.55.122
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yamanbuyi.com/point.bmp?r=293077

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.239.55.122 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.edouonline.com/ 68 B
315 B 214ms
101ms Image
image/x-ms-bmp 43.154.82.13
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edouonline.com/point.bmp?r=409898

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.154.82.13 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H/1.1 200
OK point.bmp
www.ldjgirn.com/ 68 B
652 B 307ms
127ms Image
image/x-ms-bmp 45.158.56.119
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ldjgirn.com/point.bmp?r=679469

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.119 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 18:12:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Sat, 14 May 2022 05:53:20 GMT
server: ****
ETag: "627f43d0-44"
X-Cache: MISS
Content-Type: image/x-ms-bmp
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-Xss-Protection: 1
X-Request-Id: ac0411a7b8a1026b220db121a5ea30aa
Expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H/1.1 200
OK point.bmp
www.oiweyfh.com/ 68 B
652 B 405ms
139ms Image
image/x-ms-bmp 45.158.56.119
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oiweyfh.com/point.bmp?r=124553

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.119 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 18:12:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Sat, 14 May 2022 05:53:20 GMT
server: ****
ETag: "627f43d0-44"
X-Cache: MISS
Content-Type: image/x-ms-bmp
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-Xss-Protection: 1
X-Request-Id: 4d0101cc5e83be81b32d821bc3f9b732
Expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.yyxinfang.com/ 68 B
388 B 283ms
112ms Image
image/x-ms-bmp 119.28.19.156
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yyxinfang.com/point.bmp?r=327500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.28.19.156 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 22 Jul 2023 18:22:55 GMT
date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
x-remote-addr: 209.58.162.198
cache-control: max-age=600
http-geo-ipcountry: SG
accept-ranges: bytes
x-forwarded-port: 443
content-length: 68
x-xss-protection: 1
x-proxy-cache: MISS

GET
H/1.1 200
OK point.bmp
www.ahykznkj.com/ 68 B
434 B 418ms
256ms Image
image/x-ms-bmp 103.10.200.74
QUZATECH-PH MCPO ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ahykznkj.com/point.bmp?r=328174

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

103.10.200.74 , Philippines, ASN45559 (QUZATECH-PH MCPO Box 1755, PH),

Reverse DNS

Software

2.0.0 /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: 2.0.0
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.gdwancang.com/ 68 B
389 B 179ms
100ms Image
image/x-ms-bmp 119.28.19.156
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdwancang.com/point.bmp?r=169683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.28.19.156 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 22 Jul 2023 18:22:55 GMT
date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
x-remote-addr: 209.58.162.198
cache-control: max-age=600
http-geo-ipcountry: SG
accept-ranges: bytes
x-forwarded-port: 443
content-length: 68
x-xss-protection: 1
x-proxy-cache: MISS

GET
H/1.1 200
OK point.bmp
www.huanyangbz.com/ 68 B
652 B 407ms
97ms Image
image/x-ms-bmp 45.158.56.119
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huanyangbz.com/point.bmp?r=814099

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.119 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 18:12:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Sat, 14 May 2022 05:53:20 GMT
server: ****
ETag: "627f43d0-44"
X-Cache: MISS
Content-Type: image/x-ms-bmp
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-Xss-Protection: 1
X-Request-Id: fb78a1aed8199c291e887273f94362fb
Expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H/1.1 404
Not Found point.bmp
www.kasdfh.com/ 0
0 194ms
85ms Image
text/html 65.52.166.103
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kasdfh.com/point.bmp?r=724286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.52.166.103 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 point.bmp
www.cqdsfwzx.com/ 68 B
314 B 184ms
98ms Image
image/x-ms-bmp 43.154.82.13
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cqdsfwzx.com/point.bmp?r=585995

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.154.82.13 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H/1.1 200
OK point.bmp
www.czlilin.com/ 68 B
434 B 511ms
267ms Image
image/x-ms-bmp 103.10.200.74
QUZATECH-PH MCPO ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.czlilin.com/point.bmp?r=251138

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

103.10.200.74 , Philippines, ASN45559 (QUZATECH-PH MCPO Box 1755, PH),

Reverse DNS

Software

2.0.0 /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: 2.0.0
etag: "627f43d0-44"
content-type: image/x-ms-bmp
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-xss-protection: 1
expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H/1.1 200
OK point.bmp
www.honghuibj.com/ 68 B
652 B 403ms
93ms Image
image/x-ms-bmp 45.158.56.119
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.honghuibj.com/point.bmp?r=335416

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.158.56.119 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

**** /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 18:12:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
Last-Modified: Sat, 14 May 2022 05:53:20 GMT
server: ****
ETag: "627f43d0-44"
X-Cache: MISS
Content-Type: image/x-ms-bmp
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-Xss-Protection: 1
X-Request-Id: bdaf505e31734e421e76937a64ad2e97
Expires: Sat, 29 Jul 2023 18:12:55 GMT

GET
H2 200 point.bmp
www.xachebang.com/ 68 B
388 B 156ms
131ms Image
image/x-ms-bmp 119.28.19.156
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xachebang.com/point.bmp?r=757731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.28.19.156 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app1.nrduqq.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 22 Jul 2023 18:22:55 GMT
date: Sat, 22 Jul 2023 18:12:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Sat, 14 May 2022 05:53:20 GMT
server: nginx
etag: "627f43d0-44"
content-type: image/x-ms-bmp
x-remote-addr: 209.58.162.198
cache-control: max-age=600
http-geo-ipcountry: SG
accept-ranges: bytes
x-forwarded-port: 443
content-length: 68
x-xss-protection: 1
x-proxy-cache: MISS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bohaisp.com
URL: https://www.bohaisp.com/point.bmp?r=71574

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app1.nrduqq.vip/	1969-12-31 23:59:59	Name: session_sslproxy_server Value: a7e741b7-5548-4f27c3b50161a898aa395aff3f8d9dfd2fac

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bohaisp.com/point.bmp?r=71574 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.kasdfh.com/point.bmp?r=724286 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.nrduqq.vip
www.ahykznkj.com
www.bohaisp.com
www.cqdsfwzx.com
www.czlilin.com
www.edouonline.com
www.gdwancang.com
www.hdhzwjpd.com
www.hfxnykj.com
www.honghuibj.com
www.huanyangbz.com
www.kasdfh.com
www.ldjgirn.com
www.oiweyfh.com
www.xachebang.com
www.yamanbuyi.com
www.yyxinfang.com
www.bohaisp.com
103.10.200.74
119.28.19.156
20.239.55.122
43.154.82.13
45.158.56.119
45.158.56.19
65.52.166.103
02dd96a084f67d19bd1b0d3023c1533ae78f5c033914458ba0819f757dad3e6e
03b428e76f4d04d4835a931341423df280cf15e3f37a3a6a576fc3a9bcb6702a
0677003869fbf7a66f29e981f9f99b4c2f6adee7f4db0b0f10537d5ebef84bde
0798e4a79f171c236c13f186aea3c4564fc08c2e914f99f36000536039a8a627
094e1a50281ffb589485c782276749f84457012f739ae3a0051d8bcb97823085
0950c04beca2a984ff60abd1950d077a32f5dc0546b63ccba2da6fe5cd474983
09ae649d919415cf5428b16200158964d27bbd750afdb13c416d43226e480ace
0c99d151cb8dc1e7ddf5ff696933870ec82d1274c87851cce9a4083fef283089
0da976784053380ce347e0a9cef6d3da8cf214b783125a9deccbdc8ceec276f0
0e715323b263df0747f55a1043225ba6271490f0e98ec1cc79191c7a989e0a66
12018289f92e6024e3abe7b2e3b6e8bbacb078d191f7a4774d6bcea0c81b7149
1932c8122c3c12a3da2d603872a7f4f740a495c08a9f43f3d51ec20bf6eb9910
1d566a692a8264b6429cf403e5d4241e1b7801cd850f168d674cda98abe27386
1df9d70bd3e4c52325d66ddd63e4d75b233215f5ae411888cc524fa0f7985006
20038a513bd5dca09a119f287ce4d6a75b739fccdcc36b9f0ff0ff39b388168c
21e2880c5796ee9ca0519bdd3a7c97b928270125bae61336240e31c62b961140
241bbf33cc325fcd70144c816ab89f1996d3a903e125567744279d1216f2ddec
25ab1c0d64ec61da6d0c368f61e5b3e9344183ba2a8b94dbdbae1e0ff0cf6f5b
2a593a5189c0fda13e22ad82d74fa5d79e284c36f43d772a5646b7c5d6e5ee11
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
2cff1ab4d2a0b4fd0c3eae185b8c7d24352c00aa3c075473fbb3717a8af80979
2dfc0aa3ece5094135da61019ffc0bdb987e4df19f88ced7ffd9bcd122ffcd7e
2e8609bfe674772d5b468b2e016c45f56871ad25a818e05c86ae129e4b6b5e00
2f5f130ee69ed30eee9741abd3f178b5eb555e92ab2c9f969d54d9703e4fe028
37c7d0e9b648a94d9646a99852cb80a6bfbd3a9e6cb6cd984d7c2312454750b6
3cb3cd5e8482c9461e9cce0d30d8159e1aa62522c76c2c6e49da0c83253c9121
40f4de9be8e96b030fe009e8d040d312c0b6f21556a6d69e729bedf01f65e8e6
4553fcc827a78609a9e133b5a7c7bc4dd2dcc461fe975740523614f71c1542fb
46bc7a738d04b657afe222a9e022630e1c0732302e1ac7d5206efef968fe1e4e
499ddd932fea0e6678988b0880afc3d0259244111822e4fe9fcb1d18ca2633ce
4d2ac6309b3582ef0d642624ae5ca6fbcedecd245ee05877184672252a2ec53a
527bd6a3d8af95f0c84ce7cae8786d1e3a5519d3c2de09c57bd927e23174d3c1
59a75ef1127154ab8350ad9e8d76e6e77287389f3b3bb006273dc587721dd5c7
59ceb8448ae85233a430e1b133a86d98f82b34831accaf1b51735acf5dec3266
5eb9837191a619a3e984cdb30f72c23c830940191dd8491bf7ac8074e07b9395
5eba586b54ab24c304d4ab5cdbb35bde1d998296484c41f217d54f3683427aac
71e13bc0b0e725fc3a06ffdabb293ae3df9c58821e2f1d2fd7001f31aee87a6e
74061da66d8c3431512e160742c8e0b79c6b0516b0e7e90815d9ad41115d4729
7498a225238349d73c16ad9d6eb467d0f68457d7559b089f3614ed9b09659e58
7545b88d57d4b1af51de9eae674d1791ccb45b9aa107144979315761503f27c2
79457cdd8a672773f6e6d6b88519e6f34fdf61e4dd35cc7bce8c97073b939c69
7c1ac8e2c3de97916c27fa5aeb027d03ef0610ce35af71ae3bd32528b730ea3d
7e1ea3b1b9ae537ecb31e2d30825164ed4b85b09653b43b5c7dbd6933b3ac817
7f85bde8aa73da1773e7c61931b4c2af29ca6b7050d54b327828b010c59c7624
8cd89e03f80adebe7382c0e93e3114920358d7c746db03ab640880904891275c
8cdbc17852a018d4b9a9ed9cd7a309cc7c7956a667ac530f65814f46a5cf5df2
92be8090be7e20ff97ebbeb12de341d8ef6a24c42c1329b466c29095c1482617
9482a55b00ef8e16a2c1851e22b9794346d693c13fa1f17bc99f4d6dd52edf60
952354ec3339806cfcc8b93c1d25c522d929be7e613233e212be9f9137c06424
9d166d1f1dfaee2e56bab5255f80cbbbe2e9593833bbf2f8995dffb65bfaf101
a0c9b2c68dc31ebe6dd2bf8af090967db75679bbd767530cea2fe09e38fec38d
a5e28359b0a189e0eb3463cd1296bf2335a577abd8e2b3f346ee8e58dfd3391a
a7cdbfa8c53f1467acf66b08098c92554a691edc0c24bd1b9dc996a9b331c2a5
ab86b0e2b693c19b08f4ee80c846bdfd1175dcb10be2f41109def79f45f035ba
b0dbee68ffbd4fb656b119e9c472e2daf5ed3bf3f129db796746df7814573fbe
b4849752b729912e98d06a9dccdbf0db2f6c1331e75b437dde6d31d1bbd28525
b68787affaa45fbf70481e5db34783ce868c2851a840b07c3569aa8c5c8c911e
bacb0526c607bcae3f21eab3c7f04be290c3bca23908c63a7d157c82dfddc9b7
bf94d67053b64328140b3d9e66ef73e0251fb81c81c0da440519ecf80b357d7c
c522ee230bb8a1579ef52fb7716802773a5b24d2ed2084bed0095ac45a8c0572
ca33a430e1a10010bcd922697c8494b5f7ca8a43f82ccf08c669d856f5c23cc2
d0da7908efbd9ee5bce7d1464ec2b9fe76178113de199b1a185421eab4426f89
d324edb54e0dfb01f090e656a2a382a74ecbf63fda4f584c2d67577b3dd39d71
d3791a230ef43b32e6135a7eb801b13cb731bc95fb26df54efe9e805d5303e32
dcfeb47fdd2df6c72818d3aabd15397e30aed72f2b6cf51df3e8a4f28e3f822a
dfbd9964cd93ff75358f82f03c4cb75d25578e7e7c46aad3d061aec7a8bd5fbd
dffba71dfd5c2b216b2ba4f2d72e5bca52c02e402d1870f81ad639c2ee26773b
e1e3f3e4a361369957cd88e7a84e3c68e5b8c14d41d1598a66a843d7d228d4f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d923a092607e2e8cff6916a5926509244ed44d7321d5c909ba7fd9d4cc4d41
e9dcf29d47330f0459990818a2a7a4a99e7cc4b9817a300df542de83f5ac0f0e
f531cb2cf1d2d60a2d8679a39609206956d3d08fc6344bee2956afe3712410dc

app1.nrduqq.vip Open in urlscan Pro 45.158.56.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

73 Requests

99 %HTTPS

0 %IPv6

17 Domains

17 Subdomains

8 IPs

3 Countries

1709 kBTransfer

4292 kBSize

1 Cookies

11 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 26 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app1.nrduqq.vip Open in urlscan Pro
45.158.56.19 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

17
Subdomains

8
IPs

3
Countries

1709 kB
Transfer

4292 kB
Size

1
Cookies

73 HTTP transactions
26 data transactions