mr-wu.top Open in urlscan Pro
2408:8722:840:f8::83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mr-wu.top/
Submission: On July 02 via api (July 2nd 2024, 9:02:39 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2408:8722:840:f8::83, located in China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is mr-wu.top.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on December 22nd 2023. Valid for: a year.

This is the only time mr-wu.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2408:8722:840... 2408:8722:840:f8::83	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
7 7	74.48.34.43 74.48.34.43	35916 (MULTA-ASN1) (MULTA-ASN1)
5	43.248.189.194 43.248.189.194	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
3	2408:877f:30:... 2408:877f:30:f::1e	134542 (UNICOM-GU...) (UNICOM-GUIAN China Unicom IP network)
2 2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a01:111:f402... 2a01:111:f402:f0ca::27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	5

2 2408:8722:840:f8::83 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

mr-wu.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.48.34.43 (Los Angeles, United States) 7 redirects

ASN35916 (MULTA-ASN1, US)

static-1.llilii.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-1.llilii.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.248.189.194 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

static.llilii.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2408:877f:30:f::1e (China)

ASN134542 (UNICOM-GUIAN China Unicom IP network, CN)

analysis.llilii.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

lfs-global-onedrive.potaa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:111:f402:f0ca::27 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

potaa-my.sharepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	llilii.cn 7 redirects static-1.llilii.cn static.llilii.cn analysis.llilii.cn img-1.llilii.cn	158 KB
2	sharepoint.com potaa-my.sharepoint.com	437 KB
2	potaa.top 2 redirects lfs-global-onedrive.potaa.top	2 KB
2	mr-wu.top mr-wu.top	7 KB
12	4

	Domain	Requested by
5	static.llilii.cn	mr-wu.top
5	static-1.llilii.cn	5 redirects
3	analysis.llilii.cn	mr-wu.top analysis.llilii.cn
2	potaa-my.sharepoint.com	mr-wu.top
2	lfs-global-onedrive.potaa.top	2 redirects
2	img-1.llilii.cn	2 redirects
2	mr-wu.top
12	7

This site contains links to these domains. Also see Links.

Domain
space.bilibili.com
github.com
www.zhihu.com
afdian.net
www.wunote.cn
beian.miit.gov.cn
www.beian.gov.cn

Subject Issuer	Validity	Valid
mr-wu.top TrustAsia RSA DV TLS CA G2	`2023-12-22` - `2024-12-21`	a year	crt.sh
analysis.llilii.cn TrustAsia RSA DV TLS CA G2	`2023-08-05` - `2024-08-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mr-wu.top/
Frame ID: AC6BE897CF0E09239AFA0DF779210107
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

某咸鱼的小站

Page Statistics

12
Requests

42 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

5
IPs

4
Countries

601 kB
Transfer

952 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://space.bilibili.com/438613160

Search URL Search Domain Scan URL

URL: https://github.com/unknown-o

Search URL Search Domain Scan URL

URL: https://www.zhihu.com/people/unknown-o

Search URL Search Domain Scan URL

URL: https://afdian.net/@unknown-o
Title: 爱发电

Search URL Search Domain Scan URL

URL: https://www.wunote.cn/ad/
Title: 推广页面

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/
Title: 浙ICP备2023001984号-3

Search URL Search Domain Scan URL

URL: https://www.beian.gov.cn/portal/registerSystemInfo?recordcode=33108102001065
Title: 浙公网安备 33108102001065号

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://static-1.llilii.cn/libs/mdui/css/mdui.min.css HTTP 301
https://static.llilii.cn/libs/mdui/css/mdui.min.css

Request Chain 1

https://static-1.llilii.cn/css/mdx-icons.css HTTP 301
https://static.llilii.cn/css/mdx-icons.css

Request Chain 2

https://static-1.llilii.cn/libs/mdui/js/mdui.min.js HTTP 301
https://static.llilii.cn/libs/mdui/js/mdui.min.js

Request Chain 3

https://static-1.llilii.cn/js/console-image-kagamine.js HTTP 301
https://static.llilii.cn/js/console-image-kagamine.js

Request Chain 5

https://static-1.llilii.cn/images/avatar/takanashi-rikka.jpg HTTP 301
https://static.llilii.cn/images/avatar/takanashi-rikka.jpg

Request Chain 6

https://img-1.llilii.cn/compression/vocaloid/kagamine/78688114_p0.png HTTP 301
https://lfs-global-onedrive.potaa.top/img//compression/vocaloid/kagamine/78688114_p0.png HTTP 302
https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=7481064e-2089-4207-be35-429215b47a32&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTQ5In0.CgoKBHNuaWQSAjY4EgsIlvL2vPefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLFlJWDhQbnlsYXc3Z3BaZnBrOHpqWXM3ZDhGdXhBZXhvR0phd0s3K0Jwazg9MJoBOAFCEKE4TbOZ8AAwfxo7ww266_VKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.7HUvTcoCknY8VCd1lV1ZF_YLwrPw7LtaFy-kMH_bx8U&ApiVersion=2.0

Request Chain 7

https://img-1.llilii.cn/origin/donate/main.png HTTP 301
https://lfs-global-onedrive.potaa.top/img//origin/donate/main.png HTTP 302
https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=3ac8b9fb-6d00-46df-85f8-49fdef8e9d04&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTUzIn0.CgoKBHNuaWQSAjY4EgsI3u255PefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLGlmZ005WUhoRmZqa0RBb3g1eElBUENjTXZjaVhaekhSYzhGd1VmTTRVSlE9MJoBOAFCEKE4TbSb8AAwfUKLs7Gn4ztKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.64uFiCAcA_4U4sB_bjtSjMBxUE6FNkoT5PqwEhhqOm8&ApiVersion=2.0

12 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mr-wu.top/ 6 KB
2 KB 2604ms
295ms Document
text/html 2408:8722:840:f8::83
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://mr-wu.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2408:8722:840:f8::83 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty /

Resource Hash

456cf2686431a27e9d5929741469c6afd4420e78ed4518dd9f821ffc10f35d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 2089
content-type: text/html; charset=UTF-8
date: Mon, 01 Jul 2024 17:07:30 GMT
server: openresty
strict-transport-security: max-age=1;
vary: Accept-Encoding
x-cache-lookup: Cache Hit
x-nws-log-uuid: 5072128913683367713

GET
H2

200

mdui.min.css
static.llilii.cn/libs/mdui/css/
Redirect Chain

https://static-1.llilii.cn/libs/mdui/css/mdui.min.css
https://static.llilii.cn/libs/mdui/css/mdui.min.css

318 KB
41 KB

2179ms
572ms

Stylesheet
text/css

43.248.189.194
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.llilii.cn/libs/mdui/css/mdui.min.css

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

43.248.189.194 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

92a96b8390ab48140aaf9e9b341dbd34012d0377b0361cbe42a4374e9e9f9154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 09:03:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Jul 2024 21:07:23 GMT
server: openresty/1.19.3.1
etag: W/"66831a8b-4f6e0"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=60
access-control-allow-headers: *
expires: Tue, 02 Jul 2024 09:04:16 GMT

Redirect headers

location: https://static.llilii.cn/libs/mdui/css/mdui.min.css
date: Tue, 02 Jul 2024 09:02:27 GMT
strict-transport-security: max-age=31536000
server: openresty/1.19.3.1
content-length: 162
content-type: text/html

GET
H2

200

mdx-icons.css
static.llilii.cn/css/
Redirect Chain

https://static-1.llilii.cn/css/mdx-icons.css
https://static.llilii.cn/css/mdx-icons.css

31 KB
14 KB

1967ms
390ms

Stylesheet
text/css

43.248.189.194
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.llilii.cn/css/mdx-icons.css

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

43.248.189.194 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

1541b5ecc0deaad04134c6ce649431789017642b1fe33d44da9dfdda19dc5d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 09:03:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Jul 2024 21:07:23 GMT
server: openresty/1.19.3.1
etag: W/"66831a8b-7dc1"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=60
access-control-allow-headers: *
expires: Tue, 02 Jul 2024 09:04:16 GMT

Redirect headers

location: https://static.llilii.cn/css/mdx-icons.css
date: Tue, 02 Jul 2024 09:02:27 GMT
strict-transport-security: max-age=31536000
server: openresty/1.19.3.1
content-length: 162
content-type: text/html

GET
H2

200

mdui.min.js Show response
static.llilii.cn/libs/mdui/js/
Redirect Chain

https://static-1.llilii.cn/libs/mdui/js/mdui.min.js
https://static.llilii.cn/libs/mdui/js/mdui.min.js

72 KB
24 KB

4546ms
2971ms

Script
application/javascript

43.248.189.194
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.llilii.cn/libs/mdui/js/mdui.min.js

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

43.248.189.194 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

573128348cd3f6a4e6e5a360739aec6756d217569af45e4ac102c1f597bc24de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 09:03:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Jul 2024 21:07:23 GMT
server: openresty/1.19.3.1
etag: W/"66831a8b-1212c"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=60
access-control-allow-headers: *
expires: Tue, 02 Jul 2024 09:04:16 GMT

Redirect headers

location: https://static.llilii.cn/libs/mdui/js/mdui.min.js
date: Tue, 02 Jul 2024 09:02:27 GMT
strict-transport-security: max-age=31536000
server: openresty/1.19.3.1
content-length: 162
content-type: text/html

GET
H2

200

console-image-kagamine.js Show response
static.llilii.cn/js/
Redirect Chain

https://static-1.llilii.cn/js/console-image-kagamine.js
https://static.llilii.cn/js/console-image-kagamine.js

4 KB
1 KB

1919ms
342ms

Script
application/javascript

43.248.189.194
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.llilii.cn/js/console-image-kagamine.js

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

43.248.189.194 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

d592f35f4093c240290c75b36a3aaf092bccd20e47a19c124ed010af0c1830b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 09:03:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 01 Jul 2024 21:07:23 GMT
server: openresty/1.19.3.1
etag: W/"66831a8b-1000"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=60
access-control-allow-headers: *
expires: Tue, 02 Jul 2024 09:04:16 GMT

Redirect headers

location: https://static.llilii.cn/js/console-image-kagamine.js
date: Tue, 02 Jul 2024 09:02:27 GMT
strict-transport-security: max-age=31536000
server: openresty/1.19.3.1
content-length: 162
content-type: text/html

GET
H2 200 script.js Show response
analysis.llilii.cn/ 3 KB
2 KB 3370ms
380ms Script
application/javascript 2408:877f:30:f::1e
UNICOM-GUIAN Chin...

General

Check archive.org

Show headers Download Go to

Full URL

https://analysis.llilii.cn/script.js

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2408:877f:30:f::1e , China, ASN134542 (UNICOM-GUIAN China Unicom IP network, CN),

Reverse DNS

Software

openresty /

Resource Hash

e4bf17663a2e43a9ee87e6ad3b8887aef50dcde984211f0dfe0757d8b74a83e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Strict-Transport-Security	max-age=1;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mr-wu.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 09:02:34 GMT
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
content-encoding: gzip
x-cache-lookup: Cache Miss, Cache Miss
last-modified: Tue, 25 Jun 2024 16:37:05 GMT
server: openresty
strict-transport-security: max-age=1;
age: 0
etag: W/"a11-19050420f68"
x-dns-prefetch-control: on
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-nws-log-uuid: 5451028323680142720
accept-ranges: bytes

GET
H2

200

takanashi-rikka.jpg
static.llilii.cn/images/avatar/
Redirect Chain

https://static-1.llilii.cn/images/avatar/takanashi-rikka.jpg
https://static.llilii.cn/images/avatar/takanashi-rikka.jpg

74 KB
74 KB

4555ms
2975ms

Image
image/jpeg

43.248.189.194
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.llilii.cn/images/avatar/takanashi-rikka.jpg

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

43.248.189.194 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

7f583cd54dc1a5e8ee117869dbfddd8721c01d5dc4b91442512c9c0c49135e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 09:03:16 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jul 2024 21:07:23 GMT
server: openresty/1.19.3.1
etag: "66831a8b-1273d"
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=60
accept-ranges: bytes
access-control-allow-headers: *
content-length: 75581
expires: Tue, 02 Jul 2024 09:04:16 GMT

Redirect headers

location: https://static.llilii.cn/images/avatar/takanashi-rikka.jpg
date: Tue, 02 Jul 2024 09:02:27 GMT
strict-transport-security: max-age=31536000
server: openresty/1.19.3.1
content-length: 162
content-type: text/html

GET
H2

200

download.aspx
potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/
Redirect Chain

https://img-1.llilii.cn/compression/vocaloid/kagamine/78688114_p0.png
https://lfs-global-onedrive.potaa.top/img//compression/vocaloid/kagamine/78688114_p0.png
https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=7481064e-2089-4207-be35-429215b47a32&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYT...

365 KB
366 KB

1136ms
280ms

Image
image/png

2a01:111:f402:f0ca::27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=7481064e-2089-4207-be35-429215b47a32&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTQ5In0.CgoKBHNuaWQSAjY4EgsIlvL2vPefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLFlJWDhQbnlsYXc3Z3BaZnBrOHpqWXM3ZDhGdXhBZXhvR0phd0s3K0Jwazg9MJoBOAFCEKE4TbOZ8AAwfxo7ww266_VKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.7HUvTcoCknY8VCd1lV1ZF_YLwrPw7LtaFy-kMH_bx8U&ApiVersion=2.0

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

2a01:111:f402:f0ca::27 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

be651289e44f464a9cbe36f6d674d43d0b294e0e8faa3f03b8bd248d47571114

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-content-type-options: nosniff
date: Tue, 02 Jul 2024 09:02:32 GMT
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
x-aspnet-version: 4.0.30319
x-networkstatistics: 0,64896,0,0,686,0,24536,188
x-powered-by: ASP.NET
x-databoundary: NONE
x-sharepointhealthscore: 3
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-disposition: attachment;filename*=utf-8''78688114%5Fp0%2Epng;filename="78688114_p0.png"
request-id: b44d38a1-8073-3000-7835-e04dbe7cb211
ms-cv: oThNtHOAADB4NeBNvnyyEQ.0
content-length: 373455
microsoftsharepointteamservices: 16.0.0.25019
x-ms-invokeapp: 1; RequireReadOnly
server: Microsoft-IIS/10.0
sprequestguid: b44d38a1-8073-3000-7835-e04dbe7cb211
etag: "{7481064E-2089-4207-BE35-429215B47A32},2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=658fd5ed-8feb-4140-bd27-7363d32bb498&destinationEndpoint=195942&frontEnd=FarmDirect&RemoteIP=2a01:4a0:1338:92::"}]}
content-type: image/png
docid: potaa-my.sharepoint.com_1fa1ae8a-aa2b-4717-afdb-f377974ad59a_7481064e-2089-4207-be35-429215b47a32
cache-control: private
ctag: {7481064E-2089-4207-BE35-429215B47A32},2,1
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
accept-ranges: bytes

Redirect headers

date: Tue, 02 Jul 2024 09:02:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
location: https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=7481064e-2089-4207-be35-429215b47a32&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTQ5In0.CgoKBHNuaWQSAjY4EgsIlvL2vPefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLFlJWDhQbnlsYXc3Z3BaZnBrOHpqWXM3ZDhGdXhBZXhvR0phd0s3K0Jwazg9MJoBOAFCEKE4TbOZ8AAwfxo7ww266_VKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.7HUvTcoCknY8VCd1lV1ZF_YLwrPw7LtaFy-kMH_bx8U&ApiVersion=2.0
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ep0zZ0PaXAx3Eui6Vbtz6VDZQwJb1KpLPXDsER%2Fm1Ip%2FkEy9ZT7Btk2xN12aqKqukX0DDLktsrB50%2FyevvRf92yajxsquJ%2BfjJ0j%2BoDJ2jJisy7MOAmGgRpeAZo6lvR0PSgcDnd%2BTwXuGRRLE%2BJahQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cd75014f109001-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2

200

download.aspx
potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/
Redirect Chain

https://img-1.llilii.cn/origin/donate/main.png
https://lfs-global-onedrive.potaa.top/img//origin/donate/main.png
https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=3ac8b9fb-6d00-46df-85f8-49fdef8e9d04&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYT...

70 KB
71 KB

281ms
280ms

Image
image/png

2a01:111:f402:f0ca::27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=3ac8b9fb-6d00-46df-85f8-49fdef8e9d04&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTUzIn0.CgoKBHNuaWQSAjY4EgsI3u255PefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLGlmZ005WUhoRmZqa0RBb3g1eElBUENjTXZjaVhaekhSYzhGd1VmTTRVSlE9MJoBOAFCEKE4TbSb8AAwfUKLs7Gn4ztKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.64uFiCAcA_4U4sB_bjtSjMBxUE6FNkoT5PqwEhhqOm8&ApiVersion=2.0

Requested by

Host: mr-wu.top
URL: https://mr-wu.top/

Protocol

Server

2a01:111:f402:f0ca::27 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1322e76387a7f94eda09e39403bc0651e001476c953b0f74457ac0f7c30f3332

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com .powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mr-wu.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-content-type-options: nosniff
date: Tue, 02 Jul 2024 09:02:33 GMT
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
x-aspnet-version: 4.0.30319
x-networkstatistics: 0,763520,194,581,1035,0,352591,190
x-powered-by: ASP.NET
x-databoundary: NONE
x-sharepointhealthscore: 1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-disposition: attachment;filename*=utf-8''main%2Epng;filename="main.png"
request-id: b44d38a1-d0b9-3000-7835-e52f9b1306f7
ms-cv: oThNtLnQADB4NeUvmxMG9w.0
content-length: 71890
microsoftsharepointteamservices: 16.0.0.25019
x-ms-invokeapp: 1; RequireReadOnly
server: Microsoft-IIS/10.0
sprequestguid: b44d38a1-d0b9-3000-7835-e52f9b1306f7
etag: "{3AC8B9FB-6D00-46DF-85F8-49FDEF8E9D04},1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=658fd5ed-8feb-4140-bd27-7363d32bb498&destinationEndpoint=195942&frontEnd=FarmDirect&RemoteIP=2a01:4a0:1338:92::"}]}
content-type: image/png
docid: potaa-my.sharepoint.com_1fa1ae8a-aa2b-4717-afdb-f377974ad59a_3ac8b9fb-6d00-46df-85f8-49fdef8e9d04
cache-control: private
ctag: {3AC8B9FB-6D00-46DF-85F8-49FDEF8E9D04},1,1
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
accept-ranges: bytes

Redirect headers

date: Tue, 02 Jul 2024 09:02:33 GMT
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
location: https://potaa-my.sharepoint.com/personal/lfs_potaa_onmicrosoft_com/_layouts/15/download.aspx?UniqueId=3ac8b9fb-6d00-46df-85f8-49fdef8e9d04&Translate=false&tempauth=v1.eyJzaXRlaWQiOiIxZmExYWU4YS1hYTJiLTQ3MTctYWZkYi1mMzc3OTc0YWQ1OWEiLCJhcHBfZGlzcGxheW5hbWUiOiJsZnMiLCJhcHBpZCI6ImI1NGQ1MWRkLWM5MzgtNGI0MS04MWNkLTJjN2Y1Nzg3MGFjZCIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wb3RhYS1teS5zaGFyZXBvaW50LmNvbUA2NThmZDVlZC04ZmViLTQxNDAtYmQyNy03MzYzZDMyYmI0OTgiLCJleHAiOiIxNzE5OTE0NTUzIn0.CgoKBHNuaWQSAjY4EgsI3u255PefjT0QBRoOMjAuMTkwLjE0NC4xNzAqLGlmZ005WUhoRmZqa0RBb3g1eElBUENjTXZjaVhaekhSYzhGd1VmTTRVSlE9MJoBOAFCEKE4TbSb8AAwfUKLs7Gn4ztKEGhhc2hlZHByb29mdG9rZW5yKTBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMmQ1YjhhYmNlQGxpdmUuY29tegEyggESCe3Vj2Xrj0BBEb0nc2PTK7SYkgEG5a6H55SzmgED5ZC0ogEZbGZzQHBvdGFhLm9ubWljcm9zb2Z0LmNvbaoBEDEwMDMyMDAyRDVCOEFCQ0WyAQxteWZpbGVzLnJlYWTIAQE.64uFiCAcA_4U4sB_bjtSjMBxUE6FNkoT5PqwEhhqOm8&ApiVersion=2.0
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5fAWzBwJEPrYJM2yHi6QwFCssMSwBgxW5xXo5YBfTsxdSFXMUZitOuWlfcWQAZlLwJhmb4s%2FTncazjLD8o4bePXuAU40zpyzBu1p78eOg70UV8nMQTF09W0cX%2FlL%2Bhbxd7OW386X8%2Fwg5alXVxyYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cd751d1e859001-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e98eeaefd07ab7efdd84b97c44b12624dfc2b25f4c2a50d2a3e12f3e01a2923d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04e1d6785ab7b07a36d927a5a48741d1435d25ad693261809bbdca28d7297f8f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79b200eddf20a7dfb0c2f5c2cd9561833af712f3a36bc5c8c233c25c398ab1ab

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c3e00d53bc7040188dd244dc2028c9dfa874c9c77b55f8404d622cb947adb5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 send Show response
analysis.llilii.cn/api/ 596 B
817 B 351ms
350ms Fetch
text/plain 2408:877f:30:f::1e
UNICOM-GUIAN Chin...

General

Check archive.org

Show headers Download Go to

Full URL

https://analysis.llilii.cn/api/send

Requested by

Host: analysis.llilii.cn
URL: https://analysis.llilii.cn/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2408:877f:30:f::1e , China, ASN134542 (UNICOM-GUIAN China Unicom IP network, CN),

Reverse DNS

Software

openresty /

Resource Hash

fd5b6dae11adcd15a67dd4fec0583743ff5fffaba69151db0d08fc826f7f43a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Strict-Transport-Security	max-age=1;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mr-wu.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Jul 2024 09:02:36 GMT
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-cache-lookup: Cache Miss, Cache Miss
server: openresty
strict-transport-security: max-age=1;
etag: "17iot79xydzgk"
x-dns-prefetch-control: on
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-nws-log-uuid: 4443494621304001868
content-length: 596

OPTIONS
H2 204 send
analysis.llilii.cn/api/ 0
0 989ms
320ms Preflight 2408:877f:30:f::1e
UNICOM-GUIAN Chin...

General

Check archive.org

Show headers Download Go to

Full URL

https://analysis.llilii.cn/api/send

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2408:877f:30:f::1e , China, ASN134542 (UNICOM-GUIAN China Unicom IP network, CN),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
Strict-Transport-Security	max-age=1;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mr-wu.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
date: Tue, 02 Jul 2024 09:02:36 GMT
server: openresty
strict-transport-security: max-age=1;
vary: Access-Control-Request-Headers
x-cache-lookup: Cache Miss Cache Miss
x-dns-prefetch-control: on
x-nws-log-uuid: 12411053837963477062

GET
H2 200 favicon.ico
mr-wu.top/ 4 KB
4 KB 301ms
293ms Other
image/x-icon 2408:8722:840:f8::83
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://mr-wu.top/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2408:8722:840:f8::83 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty /

Resource Hash

e3b527cb4be777ef63792b2a0fec9cec1057328b85b7052a2bdaf941324ee14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mr-wu.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 23:59:48 GMT
strict-transport-security: max-age=1;
x-cache-lookup: Cache Hit
last-modified: Mon, 01 Jul 2024 20:59:12 GMT
server: openresty
etag: "668318a0-10be"
content-type: image/x-icon
x-nws-log-uuid: 6462506058723797207
accept-ranges: bytes
content-length: 4286

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analysis.llilii.cn
img-1.llilii.cn
lfs-global-onedrive.potaa.top
mr-wu.top
potaa-my.sharepoint.com
static-1.llilii.cn
static.llilii.cn
188.114.96.3
2408:8722:840:f8::83
2408:877f:30:f::1e
2a01:111:f402:f0ca::27
43.248.189.194
74.48.34.43
04e1d6785ab7b07a36d927a5a48741d1435d25ad693261809bbdca28d7297f8f
1322e76387a7f94eda09e39403bc0651e001476c953b0f74457ac0f7c30f3332
1541b5ecc0deaad04134c6ce649431789017642b1fe33d44da9dfdda19dc5d35
456cf2686431a27e9d5929741469c6afd4420e78ed4518dd9f821ffc10f35d7a
56c3e00d53bc7040188dd244dc2028c9dfa874c9c77b55f8404d622cb947adb5
573128348cd3f6a4e6e5a360739aec6756d217569af45e4ac102c1f597bc24de
79b200eddf20a7dfb0c2f5c2cd9561833af712f3a36bc5c8c233c25c398ab1ab
7f583cd54dc1a5e8ee117869dbfddd8721c01d5dc4b91442512c9c0c49135e16
92a96b8390ab48140aaf9e9b341dbd34012d0377b0361cbe42a4374e9e9f9154
be651289e44f464a9cbe36f6d674d43d0b294e0e8faa3f03b8bd248d47571114
d592f35f4093c240290c75b36a3aaf092bccd20e47a19c124ed010af0c1830b1
e3b527cb4be777ef63792b2a0fec9cec1057328b85b7052a2bdaf941324ee14c
e4bf17663a2e43a9ee87e6ad3b8887aef50dcde984211f0dfe0757d8b74a83e1
e98eeaefd07ab7efdd84b97c44b12624dfc2b25f4c2a50d2a3e12f3e01a2923d
fd5b6dae11adcd15a67dd4fec0583743ff5fffaba69151db0d08fc826f7f43a9

mr-wu.top Open in urlscan Pro 2408:8722:840:f8::83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

42 %HTTPS

50 %IPv6

4 Domains

7 Subdomains

5 IPs

4 Countries

601 kBTransfer

952 kBSize

0 Cookies

7 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mr-wu.top Open in urlscan Pro
2408:8722:840:f8::83 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

42 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

5
IPs

4
Countries

601 kB
Transfer

952 kB
Size

0
Cookies

12 HTTP transactions
4 data transactions