urlscan.io logo urlscan.io
SecurityTrails logo

qirancy.com Open in urlscan Pro
104.18.17.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qirancy.com/
Effective URL: https://qirancy.com/
Submission Tags: #phishing @ecarlesi Search All
Submission: On July 20 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 40 HTTP transactions. The main IP is 104.18.17.176, located in and belongs to CLOUDFLARENET, US. The main domain is qirancy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2022. Valid for: a year.
This is the only time qirancy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 104.18.17.176 13335 (CLOUDFLAR...)
25 103.160.204.4 209242 (CLOUDFLAR...)
1 151.101.65.21 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 23.36.163.246 20940 (AKAMAI-ASN1)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 8.45.52.250 24429 (TAOBAO Zh...)
1 103.160.204.10 209242 (CLOUDFLAR...)
40 8
7    104.18.17.176 (None, )

ASN13335 (CLOUDFLARENET, US)
qirancy.com
25    103.160.204.4 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
static-theme.cdncloud.top
img.cdncloud.top
1    151.101.65.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    23.36.163.246 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-246.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    8.45.52.250 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
1    103.160.204.10 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.itaboola.com
Apex Domain
Subdomains		 Transfer
25 cdncloud.top
static-theme.cdncloud.top — Cisco Umbrella Rank: 203480
img.cdncloud.top — Cisco Umbrella Rank: 117917
2 MB
7 qirancy.com
qirancy.com
13 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 919
89 KB
1 itaboola.com
www.itaboola.com — Cisco Umbrella Rank: 333307
451 B
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 11142
43 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
26 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311
5 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2205
40 8
Domain Requested by
19 static-theme.cdncloud.top qirancy.com
static-theme.cdncloud.top
7 qirancy.com 1 redirects static-theme.cdncloud.top
static.cloudflareinsights.com
6 img.cdncloud.top qirancy.com
4 analytics.tiktok.com qirancy.com
analytics.tiktok.com
1 www.itaboola.com static-theme.cdncloud.top
1 at.alicdn.com static-theme.cdncloud.top
1 connect.facebook.net qirancy.com
1 static.cloudflareinsights.com qirancy.com
1 www.paypal.com qirancy.com
40 9

This site contains no links.

Subject Issuer Validity Valid
qirancy.com
Cloudflare Inc ECC CA-3		 2022-07-19 -
2023-07-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-29 -
2022-07-28		 3 months crt.sh
*.alicdn.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-07-04 -
2023-08-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://qirancy.com/
Frame ID: EDCC1FC31BAE12296795B8604E004CB9
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

qirancy

Page URL History Show full URLs

  1. http://qirancy.com/ HTTP 301
    https://qirancy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

2583 kB
Transfer

3944 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qirancy.com/ HTTP 301
    https://qirancy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qirancy.com/
Redirect Chain
  • http://qirancy.com/
  • https://qirancy.com/
48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9199abe21eabbc2a5687c9451c65aa462059bc4224e3fbf749cb449f6a9fb1d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dd0889fa5698ea-ARN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 16:22:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
72dd0886b8c39933-ARN
Connection
keep-alive
Content-Type
text/html
Date
Wed, 20 Jul 2022 16:22:02 GMT
Location
https://qirancy.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.min.css
static-theme.cdncloud.top/liquid/buyer/public/css/ 		313 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220708185145
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a531863287ef363669d36fe8dc31793d32ce8fbc38b3eb18db50cc778b8cb6e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1055664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PQ028NWQNA8C2ST3
x-amz-id-2
Ypz5xCeKxa9MvaagRSvU9y215xDUUx+zGuAteR+OexmHUGsmR9xBiSGz6CG9SrWFA9nFDoAOklM=
last-modified
Fri, 08 Jul 2022 10:50:31 GMT
server
cloudflare
etag
W/"71ab6fbff5ae2d57cd9e1e39f6953dc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
Rrg7VSTTRCRF7B0HcnIKjv5DYw6lnGZg
cf-ray
72dd08954c38fe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
shopify001.comm.min.css
static-theme.cdncloud.top/s/files/public/css/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd5bd3eea0170b3fd5874a4a576b93a1887af50c1e0b6b88d564202ea68ec91

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
cf-cache-status
HIT
age
1052794
cf-ray
72dd08954c3cfe20-HEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
J3SRD5CSEAZ0ZY44
x-amz-id-2
7tQvUzPSy289RDYt22fSkkrlc3SPjVjC04i8zsGVoUeMcmhK1ZbAr+AtKRm2+b2HV55b/cGMdQY=
last-modified
Fri, 08 Jul 2022 10:50:31 GMT
server
cloudflare
etag
W/"f8b74f53fa5a11eb90fce4ac263cd495"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Vzvr1gQBwDtU2_T.lmCdkNAI6E_LALQn
cache-control
public, max-age=14400
content-type
text/css
expires
Wed, 20 Jul 2022 20:22:04 GMT
init.js
static-theme.cdncloud.top/liquid/buyer/public/js/ 		1 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/init.js
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1846189
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ATY33FM45BZ5RFWR
x-amz-id-2
DE/zAQ2neW5aQJaSgjZ7PDzPwW2q0g5qo4vcq+dh0os/dePp+kQupr9n3YeCmZapMyWXA69jZqQ=
last-modified
Fri, 02 Jul 2021 08:50:17 GMT
server
cloudflare
etag
W/"4bee4977c2da6cd1e2a55df8b38d45b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
M5gZPN_5f3OjYYGBArlil.gsyomdGX3e
cf-ray
72dd08954c3dfe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
jquery.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1846189
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ATY14Z131VQD7HGQ
x-amz-id-2
unPxfa5CDN0kRyh5v1o2vSg5AA5g8KAR5HD1TGJYAfFA9RjOo/9yqHnNixSsmrgsRpHEz2sUrnU=
last-modified
Fri, 02 Jul 2021 08:50:18 GMT
server
cloudflare
etag
W/"46442f55456bd45abc5b9a3152d2416d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
0DRAwBeib6dVYD7KDNm0muP_DUe4H_MA
cf-ray
72dd08954c40fe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
js
www.paypal.com/sdk/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=0&merchant-id=0&currency=USD&enable-funding=card,credit,paylater
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Iusir+QCV6v4fRiSSFAvw1diaUpNQ4LNm0BmyuuTy4VjSqVR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Iusir+QCV6v4fRiSSFAvw1diaUpNQ4LNm0BmyuuTy4VjSqVR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Iusir+QCV6v4fRiSSFAvw1diaUpNQ4LNm0BmyuuTy4VjSqVR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Iusir+QCV6v4fRiSSFAvw1diaUpNQ4LNm0BmyuuTy4VjSqVR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
p3p
true
paypal-debug-id
f671883707195
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
217
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN
traceparent
00-0000000000000000000f671883707195-5e3d4933fd2aa7c5-01
x-timer
S1658334124.763633,VS0,VE246
x-frame-options
SAMEORIGIN
date
Wed, 20 Jul 2022 16:22:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
etag
W/"d9-WiHrl7nxczTcSz93956jo+X57IA"
accept-ranges
bytes
x-cache-hits
0
Swiper.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/Swiper.js
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1846189
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AQD5Q7PST9ZPPNTE
x-amz-id-2
k22lILxz+/d0kM9Lk9GRbZHUYPxpIc/8CqmUGAurXXwBE2WzWD08h7UruvTAalC/SYLSqlxwQxM=
last-modified
Mon, 27 Dec 2021 07:31:02 GMT
server
cloudflare
etag
W/"e04c2dbd165eb77452595484642f2b86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
tkrxP5I9ewD.KVpCUQRml0VoNXPAmj9_
cf-ray
72dd08954c46fe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
fingerprint2.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/fingerprint2.min.js
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1846189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PFXPYND55A83P1TJ
x-amz-id-2
aJ0WraonSA2nUY08umVwlUijs2ABTZKdcc+dkAQf0cgOCLHGbwa5MTN3G4MXxMO54mUekoGKVSA=
last-modified
Fri, 25 Feb 2022 06:02:51 GMT
server
cloudflare
etag
W/"707f902ed38efb1d56de9a5b5004dae6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
JHZOfH.LnTKZiyYt3vu_8DUmkNn3qpCC
cf-ray
72dd08954c41fe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
vendor.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/vendor.min.js?t=20220708185145
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17accff499542caec138b081f007ff4d3409ca8b324db3c6d916ce2e1fad2a17

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1055664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PQ04D6B76PTK8C1W
x-amz-id-2
FpDmxzstD0Hd6ctDV0cg+XtqiU0W31HnyV3YobY9AVF1HhpBv9i4vH8U7hgiVAMn5Dwu/O3kguU=
last-modified
Fri, 08 Jul 2022 10:50:43 GMT
server
cloudflare
etag
W/"e162f1319260e51ebbc1d686951448d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
L1HZ.5MbERzwcOR0gFEzNeYracG9EwGT
cf-ray
72dd08954c45fe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
575e89757ad61e843d470b2c49dae479.jpg
img.cdncloud.top/uploader/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/575e89757ad61e843d470b2c49dae479.jpg?x-oss-process=image/blur,r_10,s_10
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4d9a300548af55e7e41339bfc6271c51fde7adc3cc4dd4635449e52c6a6011

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-oss-request-id
62D82BAED2F3A63435A4B871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
137197
x-oss-object-type
Multipart
last-modified
Tue, 19 Jul 2022 05:55:50 GMT
server
cloudflare
etag
"7303C7A22F33EC8A7E402FF592A27FAF-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c61376f-HEL
x-oss-hash-crc64ecma
4127905404629749011
x-oss-server-time
140
expires
Wed, 20 Jul 2022 20:22:07 GMT
575e89757ad61e843d470b2c49dae479.jpg
img.cdncloud.top/uploader/ 		522 KB
523 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/575e89757ad61e843d470b2c49dae479.jpg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffe8936a0ddde0d13b4a50ea16d6cc647e2e1b43bca5b01b2cb78d67fd754fc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:07 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-oss-request-id
62D82BAE07BF9731385FE485
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
534846
x-oss-object-type
Multipart
last-modified
Tue, 19 Jul 2022 05:55:50 GMT
server
cloudflare
etag
"7303C7A22F33EC8A7E402FF592A27FAF-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c5f376f-HEL
x-oss-hash-crc64ecma
4778663798311266651
x-oss-server-time
38
expires
Wed, 20 Jul 2022 20:22:07 GMT
default.png
static-theme.cdncloud.top/buyer/public/img/ 		56 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/buyer/public/img/default.png
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aa3fe5432df59b7abab02e52151e388ee927734221eb102e6d44f6cf89f650

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
737081
cf-polished
origFmt=png, origSize=6788
last-modified
Sat, 24 Oct 2020 07:52:36 GMT
content-disposition
inline; filename="default.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RJE626HW8FR9A3JE
x-amz-id-2
vj2aaLsATrYG2fAIT2nZ39sffg+vfHZKD5u7w0YeDaf0s3nYr/H0UEWQlNaUX7myiu3IqnwWkVg=
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"4cebe560ed4ee509dbb64d1972403039"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
HeIYKlT8qOiZWPOX.SL1Ufr702u8SXwn
content-length
56
cf-ray
72dd08967ce9376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
6052f38d5dd6c3cbb4fdca0e15451a3936b75d3e.jpeg
img.cdncloud.top/uploader/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/6052f38d5dd6c3cbb4fdca0e15451a3936b75d3e.jpeg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed6b5e28081145a7ebe3b4dae7517a87cfbcafca5974fa226edb3045f6f3f66a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-md5
zM6Te9DNuzrPQvb2TRd0FQ==
x-oss-request-id
62D82BAFE67E4F353433D19F
content-disposition
inline; filename="787688608c107de412ecb00633986c9b2d07a68547_78768"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100106
x-oss-object-type
Normal
last-modified
Sat, 25 Jun 2022 06:44:39 GMT
server
cloudflare
etag
"CCCE937BD0CDBB3ACF42F6F64D177415"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c65376f-HEL
x-oss-hash-crc64ecma
5907547053209649957
x-oss-server-time
10
expires
Wed, 20 Jul 2022 20:22:08 GMT
paypal.png
static-theme.cdncloud.top/buyer/public/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/buyer/public/img/paypal.png
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9158c942ad899cdee196355e6792afadd33e0b10f77c4a09c5fd2911fce61d04

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
247655
cf-polished
origFmt=png, origSize=2738
last-modified
Sat, 24 Oct 2020 07:52:37 GMT
content-disposition
inline; filename="paypal.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R31VH95967D8KN1F
x-amz-id-2
w2jAdt5/oV0VLeGgLw8aaj2E32PeiD4KTqPYLYJ6y9qxdakx1nffo4HDnCGWC2jEtXtAM9CU6mw=
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"00b29082e7463919e82a52632f106263"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
PxW.xSQNe2yxYE0gVygadZ38_bX97i8r
content-length
2034
cf-ray
72dd08967cee376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
paypal.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/paypal.svg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1924101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6PMST7T679M4V50H
x-amz-id-2
CPGQUVGrbGfopj0GctQRMfBy15nzi9U0aAQ74e7sQIANFyPmfd/Dz1hyzNFSz+an6aS4wCdd4kk=
last-modified
Fri, 25 Feb 2022 06:02:50 GMT
server
cloudflare
etag
W/"07f7d3ec656e55353c7a7046196a250d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
qH6kZ3pOLsNmnLDyefgWpMyzYeDtNtzc
cf-ray
72dd08967cfd376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
visa1.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/visa1.svg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1923032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1Z1W7XPS0NX6Y5PT
x-amz-id-2
RKM3EAgULHpKhznp8WpUq0SUO/0Uy2srFXc7AW1YP773jWxQPJNEe08Uvpz9TE+LqWCxzZpu7EY=
last-modified
Fri, 25 Feb 2022 06:02:50 GMT
server
cloudflare
etag
W/"ce1d012126ce25c72e3a731060e8fe2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
0TaSczpsYOSNV5v75LpnA8NCq3Cr.CfF
cf-ray
72dd08967cfe376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
mastercard.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/mastercard.svg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1923032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PJZD0ZP8W34A9844
x-amz-id-2
L2AQDA/4SWYJH+6zxBRI/8GribnqjYvOzUnq37UtIYrl3qm4ZKn+3Z5aVjQWDyuIzKD3OMZQOq8=
last-modified
Fri, 25 Feb 2022 06:02:50 GMT
server
cloudflare
etag
W/"9ad047015966e1288b080a07fd2d7ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
oTb1CzBHJZrLSGPiHThSfHCgowwlxXF.
cf-ray
72dd08967d03376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
maestro.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/maestro.svg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1923032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FMTMDGK13R44J4P9
x-amz-id-2
4vFzFtXfkKEB55gGVsJ/EcuM2padfrx9Bsf6TV3ip9p2lh5Cya92EFef6MPN0HsgZTh2Hh3QdYI=
last-modified
Sat, 02 Apr 2022 09:33:57 GMT
server
cloudflare
etag
W/"c4350bd99ddc853d49568cbe8a7ba0b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
OT_JdTa92.aQNnvQ0lFyEq0G7mZ6Oqkf
cf-ray
72dd08967d04376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
AmericanExpress.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/AmericanExpress.svg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1923032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8152751T6QC77DJB
x-amz-id-2
dCgyswycl+eE9+HOYFERKb4EPC54lIvjPgCvXAQ2RTzGeJ5aYrwc67U+4QZXCyZB39BQ28iZ8/8=
last-modified
Fri, 25 Feb 2022 06:02:49 GMT
server
cloudflare
etag
W/"3a8b0094025fcc75887ba44fa896a347"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
aYBgnqZD_7JyqhWObowG6HM3_ykjymbE
cf-ray
72dd08967d06376c-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://qirancy.com/
Origin
https://qirancy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72dd0896f850fe3c-HEL
event.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/event.js?t=20220708185145
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fc0c00a491f69684ee6d9c1f4d3f18621273a37de49f460f28421eb1be26c7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1055664
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HTET0GGHKD13KD1H
x-amz-id-2
IrWJRio/2K6FH1AB1PLL7Tzrdnx8ZraNCc96oLyBvTBist1b1CI8l+2fZJPoWUFHpj44I2rcf8M=
last-modified
Fri, 08 Jul 2022 10:50:43 GMT
server
cloudflare
etag
W/"3f00be69baed72b0d18f11261a6cb471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
Ce9za9cDh3Y9R9K8uI0UVNnyiED8DDF_
cf-ray
72dd08960d3afe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
index.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 		634 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/index.js?t=20220708185145
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3b4da50e6f3846f53aa553a6b7185cd07dd32f346ca6f987c9759e8380e1a1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1055664
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HTEP88YGH8RPZFSH
x-amz-id-2
93BX0qlupYhN6WfrUU81h19cf9NldsLFzW58pJaIdnhivNNk+vsmyrioNnFNV7uaKn2Ym+d35Nc=
last-modified
Fri, 08 Jul 2022 10:50:43 GMT
server
cloudflare
etag
W/"d79a3801b3e42b12f1b32e2440061511"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
NGkSg3IThkiKlIlWCk6iNllcyY6ThCKu
cf-ray
72dd08961d3cfe20-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.246 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-246.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
4e54194e.520ae28c
date
Wed, 20 Jul 2022 16:22:04 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-16-44.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-218.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
109,23.36.161.218
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=15, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
202207201622040100040040077350020060FF4D26E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.222.16.44
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd1293a1504549923681b631b5f4e2d0af4a5962413aa4b316283cae52335437492f33a41819433dc96157bf637b13e315c8a415eff5db9d848b9b3750b70093d4b2a43dc66b4179d0b6c3d19c60e44acc9473cf8e615de8335d30bf812c057add
expires
Wed, 20 Jul 2022 16:22:04 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
s0JSmUgtXgU0tTQ+ak6tRjIIY8Pvgj6sZ4Dzle8Q7d3hKZPzPVTsNX7KagKDM84p9UrWUWjIt7LHZZWYL0ijBA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 16:22:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
font_871426_ou7555ftk8o.woff2
at.alicdn.com/t/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/font_871426_ou7555ftk8o.woff2?t=1631848450369
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220708185145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.250 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a

Request headers

Referer
https://static-theme.cdncloud.top/
Origin
https://qirancy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 03:21:31 GMT
via
cache22.l2ot7-1[0,0,200-0,H], cache8.l2ot7-1[1,0], cache2.us8[0,0,200-0,H], cache10.us8[1,0]
x-oss-request-id
614409BB14A30E36330D91AB
content-md5
rgWHwHbPVaCTap787BYoqg==
age
26485233
x-cache
HIT TCP_MEM_HIT dirn:6:709185715
x-swift-cachetime
15636303
x-swift-savetime
Tue, 15 Mar 2022 03:56:29 GMT
content-length
43280
x-oss-object-type
Normal
last-modified
Fri, 17 Sep 2021 03:14:10 GMT
server
Tengine
etag
"AE0587C076CF55A0936A9EFCEC1628AA"
ali-swift-global-savetime
1631848892
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
16904730654307218689
eagleid
082d349e16583341250785968e
x-oss-server-time
2
Lato-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 		117 KB
118 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/s/files/public/css/font/Lato-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Referer
https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Origin
https://qirancy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
cf-cache-status
HIT
age
117773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z9R7AZCR13QZQ5JC
x-amz-id-2
pMCj9FF/5/x5DdBLIxYODvBN8HtzZvBDKcikXVlUWV+qLZHl6oakG1NlI6aeAGxe0F9dYgDOnJ8=
accept-ranges
bytes
last-modified
Thu, 26 Aug 2021 10:20:22 GMT
server
cloudflare
etag
"7f690e503a254e0b8349aec0177e07aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
dpVC2kxXye_NKsoDzy0E6qsBWFwClMSQ
content-length
120196
cf-ray
72dd0896aeca376a-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
OpenSans-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 		212 KB
213 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/s/files/public/css/font/OpenSans-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Request headers

Referer
https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Origin
https://qirancy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
cf-cache-status
HIT
age
117773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MP5YQW9TA5AVYGXM
x-amz-id-2
VJu+YXnJnPGbL3aCrJ84KeoAg1AlfJuAQtjhqBe4Q7YfsCj8zpcaRB/3Cxia3FBurqc+kyWn1zI=
accept-ranges
bytes
last-modified
Thu, 26 Aug 2021 10:20:33 GMT
server
cloudflare
etag
"d7d5d4588a9f50c99264bc12e4892a7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
pV_FH3mVpvewEk.snjhhBL6L4xO2xwL.
content-length
217276
cf-ray
72dd0896aec7376a-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
AvenirNext-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 		411 KB
412 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/s/files/public/css/font/AvenirNext-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c

Request headers

Referer
https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20220708185145
Origin
https://qirancy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:04 GMT
cf-cache-status
HIT
age
117773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F1ZWWQ54CWRVC7ES
x-amz-id-2
9MPsOldK1KWE3vGHtK+S/iCjxRPBILbcdbxcCnvZHPqaml5+8vhCs6bJEhCJStmHd7QRmL0aWno=
accept-ranges
bytes
last-modified
Thu, 26 Aug 2021 10:20:47 GMT
server
cloudflare
etag
"4d8fdeb265ff6d34fb3bd8e4292665c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
DwHCpP2goZS.TT72NfX6Nc.1JlaMBugB
content-length
421096
cf-ray
72dd0896aecc376a-HEL
expires
Wed, 20 Jul 2022 20:22:04 GMT
user-capi
qirancy.com/buyer/user/ 		79 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/buyer/user/user-capi
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d499734783809cfcf7354e04cf179447b8d5ac98f62575524f314fe0345171

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qirancy.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 16:22:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
72dd0899784b990f-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
select-coupon
qirancy.com/buyer/user/ 		64 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/buyer/user/select-coupon
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5cc2a52627a859899dd766d22294b29bb0523f0b842215c5baa776fbf5952e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qirancy.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 16:22:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
72dd0899784c990f-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swiper.js
www.itaboola.com/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.itaboola.com/swiper.js?ul=https%3A%2F%2Fqirancy.com%2F&ht=qirancy.com&ua=mozilla%2F5.0+(windows+nt+10.0%3B+win64%3B+x64)+applewebkit%2F537.36+(khtml%2C+like+gecko)+chrome%2F103.0.5060.134+safari%2F537.36&lp=true&sr=direct&rl=&s=79304&u=4276452243&ev=PageView&fu=1a299be77f32b1d7f38749f0ca4ad133&p=index&ts=1658334130475&cd=%257B%257D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fqirancy.com%2F&customer_id=&is_login=false&session_id=s.1.1658334130476.58b84c9ec0805
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.10 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://qirancy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:07 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 16:22:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
72dd08a03cc4fe48-HEL
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Wed, 20 Jul 2022 20:22:07 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.246 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-246.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
4f64adfe.520ae7e2
date
Wed, 20 Jul 2022 16:22:05 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-16-70.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-218.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
100,23.36.161.218
server-timing
cdn-cache; desc=MISS, edge; dur=103, origin; dur=7, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
2022072016220501000204500773500202902BB4DF7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.222.16.70
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd1293a1504549923681b631b5f4e2d0afcddbf8bf9824b1bb150d9354d9f95fdc55eb14d18da887cc5b8cb40d5d54d319a28a4e058f3ac9179de35fef4c2d75d01e4e89bc7e4ac09972136256a6f6f2c22b2054c50f319f11b15215110b724bd2
expires
Wed, 20 Jul 2022 16:22:05 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=&hostname=qirancy.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.246 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-246.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b80f3aec5ad80f7d5fb64b9c4a804c470f531de95e6983abcea18f0780b052a6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
5790c49b.520ae8bb
date
Wed, 20 Jul 2022 16:22:05 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-222-16-63.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-218.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
117,23.36.161.218
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=22, inner; dur=2
content-length
19423
pragma
no-cache
server
nginx
x-tt-logid
2022072016220501000400300773500204100D1F081
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.222.16.63
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd1293a1504549923681b631b5f4e2d0af0d565024f78d0c6829a522e4d0dd70db7f64d0bcabed94f28be019fed5c023d56661b8881001106f46bab882b622bf109da1922b40d1ce7ba02dd3f715282c17401db009ec0d6beeb6ebc2671f016cad
expires
Wed, 20 Jul 2022 16:22:05 GMT
a295651a39eeec663cd886029288393a710d3019.jpeg
img.cdncloud.top/uploader/ 		348 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/a295651a39eeec663cd886029288393a710d3019.jpeg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e343488f96408aea44782d62e4545685d02d996bb0ad6ef5be3c68552e997e8f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:05 GMT
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
sQcBVXuyHTAy72oyN67MDw==
age
7137
cf-polished
origSize=377981, status=webp_bigger
x-oss-request-id
62D80FCBFF3CAC39351F102E
last-modified
Sat, 25 Jun 2022 06:44:36 GMT
content-disposition
inline; filename="78768ffe1f988241b4d15a191979503c84b7c98601_78768"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
356587
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"B10701557BB21D3032EF6A3237AECC0F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c67376f-HEL
x-oss-hash-crc64ecma
5233663427884978740
x-oss-server-time
29
expires
Wed, 20 Jul 2022 20:22:05 GMT
3d819d133cb434ff9cc5b02500d0b4ae63b01f6d.jpeg
img.cdncloud.top/uploader/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/3d819d133cb434ff9cc5b02500d0b4ae63b01f6d.jpeg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
badac064c42cb3fb15e99081017de61afade4a42732ed459b57167b0ce610a5d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:05 GMT
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
zzkq7uEKX4HrZUXJCwQCUQ==
age
7137
cf-polished
origSize=133638, status=webp_bigger
x-oss-request-id
62D80FCBBA9D1033390BF30A
last-modified
Sat, 25 Jun 2022 06:44:40 GMT
content-disposition
inline; filename="78768f4de6a77eb5761207b26371e5f08f80b85627_78768"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
128283
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"CF392AEEE10A5F81EB6545C90B040251"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c68376f-HEL
x-oss-hash-crc64ecma
2687826651485913683
x-oss-server-time
24
expires
Wed, 20 Jul 2022 20:22:05 GMT
bca6021eaa1d41cd36f7cd6721801c7c21847841.jpeg
img.cdncloud.top/uploader/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/bca6021eaa1d41cd36f7cd6721801c7c21847841.jpeg
Requested by
Host: qirancy.com
URL: https://qirancy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee67da59a98b15eee7e5940b02e4d0d5664592c48e6a92caab1c9fefb3a55089

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://qirancy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:22:05 GMT
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
S6f4LKXCRExYYH2pPnz2Tg==
age
7137
cf-polished
origSize=165869, status=webp_bigger
x-oss-request-id
62D80FCB22F64B30346715F6
last-modified
Sat, 25 Jun 2022 06:44:38 GMT
content-disposition
inline; filename="78768b2768f736465dea6dc2962bb9f75304521208_78768"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
157513
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"4BA7F82CA5C2444C58607DA93E7CF64E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
72dd089b1c69376f-HEL
x-oss-hash-crc64ecma
15796676245734374267
x-oss-server-time
35
expires
Wed, 20 Jul 2022 20:22:05 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
719 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.246 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-246.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qirancy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f7f8dfdb.520aec8b
date
Wed, 20 Jul 2022 16:22:05 GMT
x-cache-remote
TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-218.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
125,23.36.161.218
server-timing
cdn-cache; desc=MISS, edge; dur=124, origin; dur=30, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202207201622050100040030077350020420ACBE4C7
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.220.105.87
x-tt-trace-host
017426f44ba3b05c8f54b6602d9331d0dd1293a1504549923681b631b5f4e2d0afe6e995fc6679431e424241f75a1ec17a70b987b83d5c15410e4c49eb95e0149091043d71b6935f8dcb86495673e4ab67aa2e5de46d7a68548c4180caf5dcc0a7ab1fd468f383b25cb8c5a485c365ec1f
expires
Wed, 20 Jul 2022 16:22:05 GMT
cart
qirancy.com/buyer/ 		910 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/buyer/cart
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540e356fc44fab690f8d9e6f8ed5d2aea3deb3f47263c614d598e4d7f990ab53

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qirancy.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 16:22:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
72dd089e7fea990f-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
free-express
qirancy.com/buyer/express/ 		71 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/buyer/express/free-express
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11f657befbc50e25094542377231e5d487293a9b26c1d1d0c067ad6b66c19d5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qirancy.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 16:22:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
72dd08a03a83990f-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
qirancy.com/cdn-cgi/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qirancy.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://qirancy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

date
Wed, 20 Jul 2022 16:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://qirancy.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
72dd08aea8c3990f-ARN
vary
Origin

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| dpr number| rem function| $ function| jQuery function| Swiper function| Fingerprint2 function| _createClass function| _classCallCheck function| _typeof object| NP_ENV object| $api object| $tracking boolean| isLazyLoad function| lazyLoad object| $asiabillPayment object| $xborderPayment string| TiktokAnalyticsObject object| ttq string| id function| setCookie function| getCookie string| clientId object| event_id_PageView function| fbq function| _fbq function| userLogin object| __cfBeacon object| $plug object| $http function| xtag function| sharetag function| conversionsApi object| $session object| jQuery1102029109678835253106 string| user_fingerprint object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly

10 Cookies

Domain/Path Name / Value
.qirancy.com/ Name: __cfruid
Value: 4e9cc25293f95737e75de8d1944b4c1ed94d97b1-1658334122
.qirancy.com/ Name: ssid
Value: 79304
.qirancy.com/ Name: utuni
Value: d78ea8b6d35e0d7789244c4f9cc1cb63f21ceb2f9a961a2a95ad77c2df6379b3a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A4276452243%3B%7D
.paypal.com/ Name: tsrce
Value: clientsdknodeweb
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1753028523%26vteXpYrS%3D1658335923%26vr%3D1c6a97441820a2d1f20a598cfd619eed%26vt%3D1c6a97441820a2d1f20a598cfd619eec%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D1c6a97441820a2d1f20a598cfd619eed%26vt%3D1c6a97441820a2d1f20a598cfd619eec
.qirancy.com/ Name: client_id
Value: 1658334130029156
qirancy.com/ Name: ga_utm
Value: {}
.tiktok.com/ Name: _ttp
Value: 2CDPLR1UQFfBrhjfOQugpaZMvJk

1 Console Messages

Source Level URL
Text
network error URL: https://www.paypal.com/sdk/js?client-id=0&merchant-id=0&currency=USD&enable-funding=card,credit,paylater
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
at.alicdn.com
connect.facebook.net
img.cdncloud.top
qirancy.com
static-theme.cdncloud.top
static.cloudflareinsights.com
www.itaboola.com
www.paypal.com
103.160.204.10
103.160.204.4
104.18.17.176
151.101.65.21
23.36.163.246
2606:4700:440e::6812:2fe6
2a03:2880:f02d:12:face:b00c:0:3
8.45.52.250
0c5cc2a52627a859899dd766d22294b29bb0523f0b842215c5baa776fbf5952e
0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890
0e3b4da50e6f3846f53aa553a6b7185cd07dd32f346ca6f987c9759e8380e1a1
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
17accff499542caec138b081f007ff4d3409ca8b324db3c6d916ce2e1fad2a17
1a531863287ef363669d36fe8dc31793d32ce8fbc38b3eb18db50cc778b8cb6e
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc
21d499734783809cfcf7354e04cf179447b8d5ac98f62575524f314fe0345171
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec
43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194
48fc0c00a491f69684ee6d9c1f4d3f18621273a37de49f460f28421eb1be26c7
540e356fc44fab690f8d9e6f8ed5d2aea3deb3f47263c614d598e4d7f990ab53
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6ffe8936a0ddde0d13b4a50ea16d6cc647e2e1b43bca5b01b2cb78d67fd754fc
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7cd5bd3eea0170b3fd5874a4a576b93a1887af50c1e0b6b88d564202ea68ec91
7d4d9a300548af55e7e41339bfc6271c51fde7adc3cc4dd4635449e52c6a6011
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a
80aa3fe5432df59b7abab02e52151e388ee927734221eb102e6d44f6cf89f650
9158c942ad899cdee196355e6792afadd33e0b10f77c4a09c5fd2911fce61d04
9199abe21eabbc2a5687c9451c65aa462059bc4224e3fbf749cb449f6a9fb1d8
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b80f3aec5ad80f7d5fb64b9c4a804c470f531de95e6983abcea18f0780b052a6
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade
badac064c42cb3fb15e99081017de61afade4a42732ed459b57167b0ce610a5d
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b
e343488f96408aea44782d62e4545685d02d996bb0ad6ef5be3c68552e997e8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6b5e28081145a7ebe3b4dae7517a87cfbcafca5974fa226edb3045f6f3f66a
ee67da59a98b15eee7e5940b02e4d0d5664592c48e6a92caab1c9fefb3a55089
f11f657befbc50e25094542377231e5d487293a9b26c1d1d0c067ad6b66c19d5
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505