URL: https://qrd3.vip/
Submission: On July 21 via api from BE — Scanned from US

Summary

This website contacted 5 IPs in 4 countries across 16 domains to perform 51 HTTP transactions. The main IP is 172.247.18.162, located in United States and belongs to CNSERVERS, US. The main domain is qrd3.vip.
TLS certificate: Issued by R11 on July 14th 2024. Valid for: 3 months.
This is the only time qrd3.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 172.247.18.162 40065 (CNSERVERS)
24 14.215.182.140 4134 (CHINANET-...)
12 12 43.202.168.202 16509 (AMAZON-02)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 194.53.53.8 209242 (CLOUDFLAR...)
1 172.247.176.202 40065 (CNSERVERS)
51 5
    Apex Domain         Subdomains                                               Transfer
24  baidu.com           hm.baidu.com — Cisco Umbrella Rank: 8226                 141 KB
13  qrd3.vip            qrd3.vip                                                 726 KB
12  backmoestream1.top  files.backmoestream1.top — Cisco Umbrella Rank: 185139   2 MB
2   911787.com          img.911787.com                                           295 B
1   qingrendao.love     hou2.qingrendao.love                                     9 KB
1   563997.com          img.563997.com                                           148 B
1   955271.com          img.955271.com                                           148 B
1   658229.com          img.658229.com                                           148 B
1   pki.net.cn          mj.pki.net.cn — Cisco Umbrella Rank: 800830              16 KB
1   327855.com          img.327855.com                                           148 B
1   878871.com          img.878871.com                                           148 B
1   731551.com          img.731551.com                                           148 B
1   332861.com          img.332861.com                                           148 B
1   179115.com          img.179115.com                                           148 B
1   273115.com          img.273115.com — Cisco Umbrella Rank: 193895             148 B
1   732335.com          img.732335.com                                           148 B
51 16
Domain Requested by
24 hm.baidu.com qrd3.vip
13 qrd3.vip qrd3.vip
12 files.backmoestream1.top qrd3.vip
2 img.911787.com 2 redirects
1 hou2.qingrendao.love qrd3.vip
1 img.563997.com 1 redirects
1 img.955271.com 1 redirects
1 img.658229.com 1 redirects
1 mj.pki.net.cn qrd3.vip
1 img.327855.com 1 redirects
1 img.878871.com 1 redirects
1 img.731551.com 1 redirects
1 img.332861.com 1 redirects
1 img.179115.com 1 redirects
1 img.273115.com 1 redirects
1 img.732335.com 1 redirects
51 16

This site contains no links.

Subject               Issuer                         Validity                 Valid
qrd0.vip              R11                            2024-07-14 - 2024-10-12  3 months
baidu.com             GlobalSign RSA OV SSL CA 2018  2024-07-08 - 2025-08-09  a year
mj.pki.net.cn         WE1                            2024-06-12 - 2024-09-10  3 months
hou2.qingrendao.love  R10                            2024-07-14 - 2024-10-12  3 months

This page contains 1 frames:

Primary Page: https://qrd3.vip/
Frame ID: ABEBDFF93B374A32AC0C42DC94B26520
Requests: 51 HTTP requests in this frame

Page Title

QINGRENDAO

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

76 %
HTTPS

17 %
IPv6

16
Domains

16
Subdomains

5
IPs

4
Countries

3248 kB
Transfer

3820 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://img.732335.com/images/66937ff23a818f8054b3de09.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/de/09/66937ff23a818f8054b3de09.gif
Request Chain 24
  • https://img.273115.com/images/6693800c3a818f8054b3de0a.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/de/0a/6693800c3a818f8054b3de0a.gif
Request Chain 25
  • https://img.179115.com/images/669a76485c2ea596cd969811.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/98/11/669a76485c2ea596cd969811.gif
Request Chain 26
  • https://img.332861.com/images/66934c3fc00f089a509655e6.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/55/e6/66934c3fc00f089a509655e6.gif
Request Chain 27
  • https://img.731551.com/images/6693578c3a818f8054b3a170.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/a1/70/6693578c3a818f8054b3a170.gif
Request Chain 28
  • https://img.911787.com/images/669a76655c2ea596cd969812.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/98/12/669a76655c2ea596cd969812.gif
Request Chain 29
  • https://img.878871.com/images/6695191b6007a0a5eb61ffad.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/ff/ad/6695191b6007a0a5eb61ffad.gif
Request Chain 30
  • https://img.327855.com/images/669519746007a0a5eb61ffaf.jpg HTTP 302
  • https://files.backmoestream1.top/store/catu/ff/af/669519746007a0a5eb61ffaf.jpg
Request Chain 32
  • https://img.911787.com/images/669519636007a0a5eb61ffae.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/ff/ae/669519636007a0a5eb61ffae.gif
Request Chain 33
  • https://img.658229.com/images/668cd447f4cf0e3123f44362.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/43/62/668cd447f4cf0e3123f44362.gif
Request Chain 34
  • https://img.955271.com/images/668cd491f4cf0e3123f44364.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/43/64/668cd491f4cf0e3123f44364.gif
Request Chain 35
  • https://img.563997.com/images/669a78f55c2ea596cd969813.gif HTTP 302
  • https://files.backmoestream1.top/store/catu/98/13/669a78f55c2ea596cd969813.gif

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qrd3.vip/
2 KB
898 B
Document
General
Full URL
https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ec0adc696d2245b002551852ddf9dbace72c28529632682531fd0b57f27fdd25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 21 Jul 2024 18:00:38 GMT
etag
W/"66925bc0-6fb"
last-modified
Sat, 13 Jul 2024 10:49:36 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
style.css
qrd3.vip/css/
254 KB
68 KB
Stylesheet
General
Full URL
https://qrd3.vip/css/style.css
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e531021b26b52828a05cd3be0b1b297a2b3581403304c994d9dc10920657d706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 12 Jul 2024 14:23:56 GMT
server
nginx
etag
W/"66913c7c-3f6a2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
tj.js
qrd3.vip/js/
3 KB
700 B
Script
General
Full URL
https://qrd3.vip/js/tj.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
6f03045490381c8ee75cab1dedf3136dc48de14a0a23f708e22c50419f43d5ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 15 Jul 2024 09:59:10 GMT
server
nginx
etag
W/"6694f2ee-bf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
jquery.min.js
qrd3.vip/js/
87 KB
34 KB
Script
General
Full URL
https://qrd3.vip/js/jquery.min.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 17:17:28 GMT
server
nginx
etag
W/"661eb2a8-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
crypto-js.min.js
qrd3.vip/js/
47 KB
18 KB
Script
General
Full URL
https://qrd3.vip/js/crypto-js.min.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 17:17:24 GMT
server
nginx
etag
W/"661eb2a4-bb78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
swiper-bundle.min.js
qrd3.vip/js/
85 KB
25 KB
Script
General
Full URL
https://qrd3.vip/js/swiper-bundle.min.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
c75f5760a170f7057a0f98292236de6ccaa4c1227be309b91fc3b4d73346f8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 07 Jun 2024 03:06:45 GMT
server
nginx
etag
W/"66627945-15396"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
base.js
qrd3.vip/js/
3 KB
2 KB
Script
General
Full URL
https://qrd3.vip/js/base.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
886aea6d7638154be32267a99097010084d4ad646cee78a3c0a7962a2454b201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 14 Jul 2024 05:32:24 GMT
server
nginx
etag
W/"669362e8-d7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
gg.js
qrd3.vip/js/
13 KB
5 KB
Script
General
Full URL
https://qrd3.vip/js/gg.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
77131629749014a8627a1d1dc81428f8b6ce275e47290beaae3eea62a062565c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 20 Jul 2024 08:24:33 GMT
server
nginx
etag
W/"669b7441-324d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
api.js
qrd3.vip/js/
14 KB
4 KB
Script
General
Full URL
https://qrd3.vip/js/api.js
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
896ad941bf1450033bc0c12cbd47a6a003b69dc1b3a35567a5e91cef90dde675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 15 Jul 2024 13:08:30 GMT
server
nginx
etag
W/"66951f4e-3889"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 22 Jul 2024 06:00:39 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?ab4319db38774f8796c6a8638489e06f
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
5f0c4e299dbcae59843f51a6feaed833fb7af09376106f00cbe33d32a6db73a0
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
28e176b6ac5955cfe01004505de1824b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8a9e2d9569f6544976e045696791f4e2
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
9cc70690daa75372021e8251a3d2b7cea228910548628541d82e312445b74269
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
d80b35b616cafdec181278b1d7c4b37b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?0573e998d9040a0ad575feb25b5a451f
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
e04716d2525ea6316038b072f3de0ec35b0813b873963354394734cb1eb803ce
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
2bb4e1b2f13c1943d9a35faa65e006dd
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?fee9f502ee5ad1b722ddd821e7dfb6ec
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
f4805519ebb702c1b4282b28ca7f405fc6c7733a81aefa6aea4b8ec98f9cfc52
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
01aed192fb5dbcf6638dd5827588a412
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?6b38bdb0e83e75fae9189e1e64d7ce8d
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
661f9c68d56f8fed478c25d3ca4f399b24a0cb94d71d7676f138e5d7122478a9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
ed9de5afbc47412830f7f6e9eb2a0a57
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?7d44d41ebd93a4fc95c24970d1ff87d6
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
a21df382172825d69b0e5a7d59f596cc144d6e937de2590ffb46ed8f4057cbfb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
b5c066ec93578eb1b5fb87926dd24ff2
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?b936f9e93c94640f45711aab942f20e0
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
f3cb66102ed7c60343f7c6f1120044c4c729541e3ff844da088b56b4a7cf7783
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
33f11906a7f24db3ca2eda7588b92632
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?98fc3ccd4d6a4ab425f7289aed667392
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
54c95a6aa6c573201399b636b85b2c91937c5f4423b465c34de170733f19e54d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
b2e029d4052891d5eacaa97b42328de6
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?f9e555227513036bdebf0f3b83fd073e
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
f9136b11932e8e007bf84cdad25d7f6ede839fd1c7e8195faff5ee5b6e65bf99
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
9a7f1631ae64233e6822ffcfe5360dcf
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?73b4f72a7d9f9601b2d53b5913e1f51a
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
0cf03dd0bc8e0e559bf05a8d2af3e2dcd68be47580143ae711790f5c3c0c589e
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
d2181cd68ffe3260573d5627b9df6f06
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11289
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?5a7cd50515583cd2567a112ce20f41bc
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
24935cee88f73f86cef66802b375b1c43217b5026cdb8c66a24b710daafc7436
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
12e474ca3e683cc7d4f24838bfda0a97
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11293
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?ec7db65b8935dca7ebd567a28ae8f30c
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
847acc37a23d1a0b5b7bfaf1ad5fc0d987840231f7f53f6f23e44c8de27d1536
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 18:00:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
4b47bf6f33e3337a25e8c50291a08c62
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11293
logo1.png
qrd3.vip/images/
583 KB
567 KB
Image
General
Full URL
https://qrd3.vip/images/logo1.png
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
6ce58417dd949230e6f22bd96cca402edb867968f8b7d71151f07f0f168bf7db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 11 Jul 2024 09:53:30 GMT
server
nginx
etag
W/"668fab9a-91c04"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
expires
Tue, 20 Aug 2024 18:00:39 GMT
menu_home.png
qrd3.vip/images/
613 B
819 B
Image
General
Full URL
https://qrd3.vip/images/menu_home.png
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4f33263f5de66c58f844ce885b92ac12b8593a0133ecf39c2c99fb1aa6531f82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 06 Jul 2024 04:18:03 GMT
server
nginx
etag
"6688c57b-265"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
613
expires
Tue, 20 Aug 2024 18:00:39 GMT
menu_new.png
qrd3.vip/images/
764 B
969 B
Image
General
Full URL
https://qrd3.vip/images/menu_new.png
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4b012ca7b7daf0eb260b2da9da5376456407af9e200d88f58d0dc0361619a936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:39 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 06 Jul 2024 04:18:10 GMT
server
nginx
etag
"6688c582-2fc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
764
expires
Tue, 20 Aug 2024 18:00:39 GMT
66937ff23a818f8054b3de09.gif
files.backmoestream1.top/store/catu/de/09/
Redirect Chain
  • https://img.732335.com/images/66937ff23a818f8054b3de09.gif
  • https://files.backmoestream1.top/store/catu/de/09/66937ff23a818f8054b3de09.gif
706 KB
706 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/de/09/66937ff23a818f8054b3de09.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05333d9a66bc9a5ff88bd05d17189f19dba95035a8f5422ab2ef27742b7ba8a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:42 GMT
cf-cache-status
HIT
last-modified
Sun, 14 Jul 2024 07:36:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
629955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75Fsh7efrwl3Zjp3eFsb0Ivg6ZL58oj%2Fqma9caTcQh58z1s93jDcs%2B0qyHSmoEbnHxysU%2BctYgQqtFUHEHbEKN2j%2FPGyB52l7kmX8U%2FXZScIRrmmhzF%2BwInuIBQuIONUecqMgAY6KfA7nyYxxAVR89eC11m9C7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1790290bc341-EWR
alt-svc
h3=":443"; ma=86400
content-length
722573

Redirect headers

location
https://files.backmoestream1.top/store/catu/de/09/66937ff23a818f8054b3de09.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
6693800c3a818f8054b3de0a.gif
files.backmoestream1.top/store/catu/de/0a/
Redirect Chain
  • https://img.273115.com/images/6693800c3a818f8054b3de0a.gif
  • https://files.backmoestream1.top/store/catu/de/0a/6693800c3a818f8054b3de0a.gif
786 KB
787 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/de/0a/6693800c3a818f8054b3de0a.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd9ce8f9d5ff62a7d3e82475fbe2f41562ee6b797ec9ad9cc502aa8cd7baeee

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:42 GMT
cf-cache-status
HIT
last-modified
Sun, 14 Jul 2024 07:36:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
629955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTPR%2FRtE5DEZxTOtfi6V66GlQWLtzItdjZ8JWBsY1dlMXcLAxMBAs2RSucpe8DjVBJR%2B%2Fz%2FL2By29bU4YXGYmasYeX%2BuPGa1ZQvxaK%2FXjk4iPuNB%2F1NTjYmdJYAObU1B%2BZNZA9f%2FG5F21B1xJA39Hx2f1Dzw8DE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1790290fc341-EWR
alt-svc
h3=":443"; ma=86400
content-length
804763

Redirect headers

location
https://files.backmoestream1.top/store/catu/de/0a/6693800c3a818f8054b3de0a.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
669a76485c2ea596cd969811.gif
files.backmoestream1.top/store/catu/98/11/
Redirect Chain
  • https://img.179115.com/images/669a76485c2ea596cd969811.gif
  • https://files.backmoestream1.top/store/catu/98/11/669a76485c2ea596cd969811.gif
250 KB
250 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/98/11/669a76485c2ea596cd969811.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e164fa195ce1d5522fe54adc2f6f65fbed1f6bfc67a3b1e1ccbcd19599864c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:42 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Jul 2024 14:20:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
184765
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FL1Q4H51SHo9m9Q3KkHFyH1GOoKhvbsYp41J%2BV6HzYS%2FXINcgfnCrYl2RucGARYSvzX6Hysz3X8jlLVYaIr7HvIu1F3F3Tz3k2CS7qPCqH3iPI3vMfwdJa3VHtpuCFa8XCIzUKm%2BbTZRlQ4diqR3cC4B5QWkZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1790290dc341-EWR
alt-svc
h3=":443"; ma=86400
content-length
255958

Redirect headers

location
https://files.backmoestream1.top/store/catu/98/11/669a76485c2ea596cd969811.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
66934c3fc00f089a509655e6.gif
files.backmoestream1.top/store/catu/55/e6/
Redirect Chain
  • https://img.332861.com/images/66934c3fc00f089a509655e6.gif
  • https://files.backmoestream1.top/store/catu/55/e6/66934c3fc00f089a509655e6.gif
19 KB
20 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/55/e6/66934c3fc00f089a509655e6.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3530f512a0360e3b9e7d1dfdbbd9f34018ea139ec003be911201cc475ef65590

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:42 GMT
cf-cache-status
HIT
last-modified
Sun, 14 Jul 2024 03:55:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
651665
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7EenEPD7riBCB0z1a0Awn%2BcGvZcRarjnqFniyl9Iq40uwRdaPN0diutoykH736sUEBmWv6jjFkorKYnXmt%2BRWvyqC0uGbSS1B%2B0Qec95R%2FrkknqkMIJro8sluOo4D3eyABDuLXkrt1KHiEi1vofPbwGqBqOLrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d17916a1bc341-EWR
alt-svc
h3=":443"; ma=86400
content-length
19619

Redirect headers

location
https://files.backmoestream1.top/store/catu/55/e6/66934c3fc00f089a509655e6.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
6693578c3a818f8054b3a170.gif
files.backmoestream1.top/store/catu/a1/70/
Redirect Chain
  • https://img.731551.com/images/6693578c3a818f8054b3a170.gif
  • https://files.backmoestream1.top/store/catu/a1/70/6693578c3a818f8054b3a170.gif
18 KB
19 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/a1/70/6693578c3a818f8054b3a170.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c3557997c5cb80c1f87469d4fcee123d0ef4077172916c101c4773e8d69ef4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
last-modified
Sun, 14 Jul 2024 04:44:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
646592
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVN0k1IZRyI%2Fs%2BriF%2FDzIRekPRpybja%2Baqp1goa9VuKEjk%2FzlA8k9M14XDYw5P7QyFGxQjwhiv91Pj8GjJ3s%2B6BxjscrsVDJSCgtcp0StLTJBBLHZy5Pj4okU%2BoTJg4mIA4Yi8VoXN9TOZADGQzU2CTHzna%2FdKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1794bca1c341-EWR
alt-svc
h3=":443"; ma=86400
content-length
18594

Redirect headers

location
https://files.backmoestream1.top/store/catu/a1/70/6693578c3a818f8054b3a170.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
669a76655c2ea596cd969812.gif
files.backmoestream1.top/store/catu/98/12/
Redirect Chain
  • https://img.911787.com/images/669a76655c2ea596cd969812.gif
  • https://files.backmoestream1.top/store/catu/98/12/669a76655c2ea596cd969812.gif
76 KB
76 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/98/12/669a76655c2ea596cd969812.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f7d88da11d57b5b206c33919086de4859b88f1c52ee7ee3f581b235935e3fa

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Jul 2024 14:21:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
184766
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZkwIN8keQ8mJdsrfPB7ZPIdPyI%2Bp8JDZixc7CFohCkXnTbXt82%2FGNRItjCrcJnKneAvUgbD%2Bq4OX2Ch60KrGLG4wMhmDIOJOS3QDCziUUmRm3DQX5pczarMBBtshtUv2gHSbqwbYWJzLNkXLFiYlIPdN6RWmPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1796ee56c341-EWR
alt-svc
h3=":443"; ma=86400
content-length
77561

Redirect headers

location
https://files.backmoestream1.top/store/catu/98/12/669a76655c2ea596cd969812.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
6695191b6007a0a5eb61ffad.gif
files.backmoestream1.top/store/catu/ff/ad/
Redirect Chain
  • https://img.878871.com/images/6695191b6007a0a5eb61ffad.gif
  • https://files.backmoestream1.top/store/catu/ff/ad/6695191b6007a0a5eb61ffad.gif
29 KB
29 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/ff/ad/6695191b6007a0a5eb61ffad.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745e098534c4fd0918694188bf7c903005853df211197230cf845e224a00ddc8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 12:42:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
536300
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZHyloVKLNNRb6wQmBP37Rx2MGxMQQeOVQJ1D6Hxt3WPFPTYn7P7mL3OuoWu6QKTOdTiAS1KYSOsa%2FO%2FVrpToVnu6jC6Gc2bp3oNVNsAuozdbKdBtmRHptpXhPBJLvQ9kNsIvoGT%2Bl0ZY5ub1KB4an2PLdIJVyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d179a087dc341-EWR
alt-svc
h3=":443"; ma=86400
content-length
29434

Redirect headers

location
https://files.backmoestream1.top/store/catu/ff/ad/6695191b6007a0a5eb61ffad.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
669519746007a0a5eb61ffaf.jpg
files.backmoestream1.top/store/catu/ff/af/
Redirect Chain
  • https://img.327855.com/images/669519746007a0a5eb61ffaf.jpg
  • https://files.backmoestream1.top/store/catu/ff/af/669519746007a0a5eb61ffaf.jpg
31 KB
32 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/ff/af/669519746007a0a5eb61ffaf.jpg
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8f2b840f256ea313c63d552f8432bd6d37384d921aa14f506a5699f9c542b3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
534002
alt-svc
h3=":443"; ma=86400
content-length
31989
cf-bgj
h2pri
last-modified
Mon, 15 Jul 2024 12:43:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CSUFmnb5AxC833KjPPcgUQq%2FBR%2BlGJ8XU1e5l6sriAPylUTnzSGRhLYmy6Ny6M%2B3VvpISqxOXjfP8inj4lJB5s5BqCBW4HW4%2FaCKUWoz3EKHLoiY9HyDhULv1g1NDzZfSE6glj8zE6DW1ZzmoFOnIzsm9%2Bt6cg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d179a087fc341-EWR

Redirect headers

location
https://files.backmoestream1.top/store/catu/ff/af/669519746007a0a5eb61ffaf.jpg
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
9uu-50X50.jpg
mj.pki.net.cn/img/
16 KB
16 KB
Image
General
Full URL
https://mj.pki.net.cn/img/9uu-50X50.jpg
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.53.53.8 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1f8e414222832d1b32c6360467daf34e9ba211be2ff3034e9d36795d6f0c0c

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 19 Apr 2023 07:41:16 GMT
server
cloudflare
etag
"643f9b1c-3fdb"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3660
accept-ranges
bytes
cf-ray
8a6d178faa316992-PHL
access-control-allow-headers
*
content-length
16347
expires
Sun, 21 Jul 2024 19:01:42 GMT
669519636007a0a5eb61ffae.gif
files.backmoestream1.top/store/catu/ff/ae/
Redirect Chain
  • https://img.911787.com/images/669519636007a0a5eb61ffae.gif
  • https://files.backmoestream1.top/store/catu/ff/ae/669519636007a0a5eb61ffae.gif
142 KB
142 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/ff/ae/669519636007a0a5eb61ffae.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce4e33af286073bbe03be5d4ace25ec7c0081d7492a376970b3c62dbb59ad71

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 12:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
532814
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rENFo5t5siQxHbEbzMfpzDbcoUWKeZEPeiiRyIRwHojT1ztKFYc9nfEH81Mh%2BHsSKs8Z06haHpZu%2BEsg1MtribMmP7ee%2BhkW0aTQwyWXXeTU4lYx81i%2FcRbafXNtSkQdD7Szi1Sk2sSN14msHAPk75hxU7zb4c0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d1796ee55c341-EWR
alt-svc
h3=":443"; ma=86400
content-length
145065

Redirect headers

location
https://files.backmoestream1.top/store/catu/ff/ae/669519636007a0a5eb61ffae.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
668cd447f4cf0e3123f44362.gif
files.backmoestream1.top/store/catu/43/62/
Redirect Chain
  • https://img.658229.com/images/668cd447f4cf0e3123f44362.gif
  • https://files.backmoestream1.top/store/catu/43/62/668cd447f4cf0e3123f44362.gif
111 KB
111 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/43/62/668cd447f4cf0e3123f44362.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb91cd977e8d3aed0f07d373b0d4d6b9579a2e3a41464a7b23f3f17ce6ef8036

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2024 06:10:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
664744
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73dbqSEhU0v%2B6m4XI5LS%2B%2F2nV0DF%2FoXL8LE02LZpnwvSCN1XxI3u0Hc4a9rM4OtefGAYoM0PY%2B4mX7pVLYh%2FN8eXqYGJgBqo6JQdtekOHyVrZ2hVn5mmlYIQJpl7s7XI60oRbZBOF1RnkVM%2Fp1qaxCM6W9oerhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d179b799ec341-EWR
alt-svc
h3=":443"; ma=86400
content-length
113497

Redirect headers

location
https://files.backmoestream1.top/store/catu/43/62/668cd447f4cf0e3123f44362.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
668cd491f4cf0e3123f44364.gif
files.backmoestream1.top/store/catu/43/64/
Redirect Chain
  • https://img.955271.com/images/668cd491f4cf0e3123f44364.gif
  • https://files.backmoestream1.top/store/catu/43/64/668cd491f4cf0e3123f44364.gif
87 KB
88 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/43/64/668cd491f4cf0e3123f44364.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abeef37cf972baf44f712ab7b9c5b267a5404c5ee69200a51c885a60d5a1c689

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2024 06:11:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
664744
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3jSdPBsDOrnpP8c1t1L%2FHvTK2JhlooRgY1%2FpN0Q4icNVP7WpFgBiMjFMEW1mutn9fXn2gq9xZWLzCUMm5bs0wu6132azJXkg4HKSwMAlqTfsbLuNV87JNm8boexQjKoqVDosdQycj8B8J7O6s1vV9UvwOsIbAc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d179d3ae6c341-EWR
alt-svc
h3=":443"; ma=86400
content-length
89593

Redirect headers

location
https://files.backmoestream1.top/store/catu/43/64/668cd491f4cf0e3123f44364.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
669a78f55c2ea596cd969813.gif
files.backmoestream1.top/store/catu/98/13/
Redirect Chain
  • https://img.563997.com/images/669a78f55c2ea596cd969813.gif
  • https://files.backmoestream1.top/store/catu/98/13/669a78f55c2ea596cd969813.gif
95 KB
96 KB
Image
General
Full URL
https://files.backmoestream1.top/store/catu/98/13/669a78f55c2ea596cd969813.gif
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
H3
Server
2606:4700:3037::6815:53a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5b37795415bd8541b2541b5a9832c48359ac20e949965575822562aa659c2f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:43 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Jul 2024 14:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120149
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtZ44BL69xPrxbETgjOOs%2FIvVMWhPFpag9men7LjUP1wX91iVjdT%2FfDS8c9i%2BdNL4sRFw1hajRnayK6DcyzgZgmCU7GP%2BwxLBL91ypStifTIIdm%2BQH9mcdwKWihyAT4NksRCBGCy5ci3aps8hCv7bVC9pqjhimE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
8a6d179a98d1c341-EWR
alt-svc
h3=":443"; ma=86400
content-length
97434

Redirect headers

location
https://files.backmoestream1.top/store/catu/98/13/669a78f55c2ea596cd969813.gif
cache-control
max-age=600
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=86400
content-length
0
getShouyeList
hou2.qingrendao.love//api.php/index/
11 KB
9 KB
XHR
General
Full URL
https://hou2.qingrendao.love//api.php/index/getShouyeList
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.176.202 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
b4091fc340647a3a76102da0ad53ebf32df8a619dcce5fdfa0bf3c0c01176e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
x-requested-with, content-type
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1938801894&si=7d44d41ebd93a4fc95c24970d1ff87d6&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:42 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1279016503&si=fee9f502ee5ad1b722ddd821e7dfb6ec&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=354769359&si=6b38bdb0e83e75fae9189e1e64d7ce8d&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1352878542&si=0573e998d9040a0ad575feb25b5a451f&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1983794689&si=ab4319db38774f8796c6a8638489e06f&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=800144906&si=8a9e2d9569f6544976e045696791f4e2&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=812803121&si=b936f9e93c94640f45711aab942f20e0&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=119920211&si=f9e555227513036bdebf0f3b83fd073e&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1367250281&si=98fc3ccd4d6a4ab425f7289aed667392&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=291511324&si=73b4f72a7d9f9601b2d53b5913e1f51a&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=740558540&si=5a7cd50515583cd2567a112ce20f41bc&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=EFB67B49D851F1E7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1625510631&si=ec7db65b8935dca7ebd567a28ae8f30c&v=1.3.2&lv=1&sn=45926&r=0&ww=1600&u=https%3A%2F%2Fqrd3.vip%2F&tt=QINGRENDAO
Requested by
Host: qrd3.vip
URL: https://qrd3.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 18:00:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
qrd3.vip/
138 B
218 B
Other
General
Full URL
https://qrd3.vip/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.18.162 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

Referer
https://qrd3.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:00:44 GMT
server
nginx
etag
"669379fc-8a"
content-length
138
content-type
text/html

Verdicts & Comments

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _hmt
function| $
function| jQuery
object| CryptoJS
function| Swiper
string| my
string| domain
object| body
function| getId
function| closeCouplet
function| setCookie
function| getCookie
function| removeCookie
function| copyUrl
function| getTimeStr
function| getParameterByName
string| souSuo
function| check
function| shuffleArray
string| appName
string| updateUrl
string| yuming
string| email
number| restrict
object| logoimg
object| hfData
object| xtbData
object| dpimg
object| adData
object| btmData
object| diData
object| diData2
object| touTxtz
string| footerStr
string| headerHtml
string| btmSpons
string| xtbData1
string| dpimg1
string| btmSpons1
string| hfDataStr
string| agentstr
object| agentreg
string| fanhui
object| data
string| fenLei
string| class1
object| ziLei
number| p
string| url
function| indexApi
function| videoApi
function| searchApi
function| playApi
boolean| _bdhm_loaded_7d44d41ebd93a4fc95c24970d1ff87d6
boolean| _bdhm_loaded_fee9f502ee5ad1b722ddd821e7dfb6ec
boolean| _bdhm_loaded_6b38bdb0e83e75fae9189e1e64d7ce8d
boolean| _bdhm_loaded_0573e998d9040a0ad575feb25b5a451f
boolean| _bdhm_loaded_ab4319db38774f8796c6a8638489e06f
boolean| _bdhm_loaded_8a9e2d9569f6544976e045696791f4e2
boolean| _bdhm_loaded_b936f9e93c94640f45711aab942f20e0
boolean| _bdhm_loaded_f9e555227513036bdebf0f3b83fd073e
boolean| _bdhm_loaded_98fc3ccd4d6a4ab425f7289aed667392
boolean| _bdhm_loaded_73b4f72a7d9f9601b2d53b5913e1f51a
boolean| _bdhm_loaded_5a7cd50515583cd2567a112ce20f41bc
boolean| _bdhm_loaded_ec7db65b8935dca7ebd567a28ae8f30c

26 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: B27CDAC6FD79C318
.qrd3.vip/ Name: Hm_lvt_7d44d41ebd93a4fc95c24970d1ff87d6
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_7d44d41ebd93a4fc95c24970d1ff87d6
Value: 1721584841
.qrd3.vip/ Name: HMACCOUNT
Value: EFB67B49D851F1E7
.qrd3.vip/ Name: Hm_lvt_fee9f502ee5ad1b722ddd821e7dfb6ec
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_fee9f502ee5ad1b722ddd821e7dfb6ec
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_6b38bdb0e83e75fae9189e1e64d7ce8d
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_6b38bdb0e83e75fae9189e1e64d7ce8d
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_0573e998d9040a0ad575feb25b5a451f
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_0573e998d9040a0ad575feb25b5a451f
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_ab4319db38774f8796c6a8638489e06f
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_ab4319db38774f8796c6a8638489e06f
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_8a9e2d9569f6544976e045696791f4e2
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_8a9e2d9569f6544976e045696791f4e2
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_b936f9e93c94640f45711aab942f20e0
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_b936f9e93c94640f45711aab942f20e0
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_f9e555227513036bdebf0f3b83fd073e
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_f9e555227513036bdebf0f3b83fd073e
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_98fc3ccd4d6a4ab425f7289aed667392
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_98fc3ccd4d6a4ab425f7289aed667392
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_73b4f72a7d9f9601b2d53b5913e1f51a
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_73b4f72a7d9f9601b2d53b5913e1f51a
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_5a7cd50515583cd2567a112ce20f41bc
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_5a7cd50515583cd2567a112ce20f41bc
Value: 1721584841
.qrd3.vip/ Name: Hm_lvt_ec7db65b8935dca7ebd567a28ae8f30c
Value: 1721584841
.qrd3.vip/ Name: Hm_lpvt_ec7db65b8935dca7ebd567a28ae8f30c
Value: 1721584841

1 Console Messages

Source Level URL
Text
network error URL: https://qrd3.vip/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
