Submitted URL: http://gqdm6.com/
Effective URL: https://gqdm6.com/
Submission: On May 19 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 30 HTTP transactions. The main IP is 23.224.125.98, located in United States and belongs to CNSERVERS, US. The main domain is gqdm6.com.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.
This is the only time gqdm6.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 23.224.125.98 40065 (CNSERVERS)
11 23.225.192.24 40065 (CNSERVERS)
1 220.169.152.49 4134 (CHINANET-...)
1 58.254.150.48 136958 (UNICOM-GU...)
4 14.215.183.79 4134 (CHINANET-...)
8 2404:2280:196... 24429 (TAOBAO Zh...)
1 103.235.46.40 55967 (BAIDU Bei...)
30 7
Apex Domain | Subdomains | Transfer
11 xayrc.com | v456.xayrc.com | 40 KB
8 sinaimg.cn | lz.sinaimg.cn — Cisco Umbrella Rank: 310324 | 504 KB
5 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 10507; sp0.baidu.com — Cisco Umbrella Rank: 30298 | 24 KB
4 gqdm6.com | gqdm6.com | 21 KB
1 bdstatic.com | zz.bdstatic.com — Cisco Umbrella Rank: 43573 | 553 B
1 bdimg.com | apps.bdimg.com — Cisco Umbrella Rank: 165505 | 34 KB
30 6
Domain Requested by
11 v456.xayrc.com gqdm6.com, v456.xayrc.com
8 lz.sinaimg.cn gqdm6.com
4 hm.baidu.com gqdm6.com
4 gqdm6.com gqdm6.com
1 sp0.baidu.com gqdm6.com
1 zz.bdstatic.com gqdm6.com
1 apps.bdimg.com gqdm6.com
30 7

This site contains links to these domains. Also see Links.

Domain
v.ddtu8.com
susudm2.com
mgg520.tv

Subject | Issuer | Validity | Valid
www.susudm3.com | R3 | 2024-03-27 - 2024-06-25 | 3 months
v456.xayrc.com | R3 | 2024-04-20 - 2024-07-19 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year
*.weibo.cn | GeoTrust CN RSA CA G1 | 2023-12-06 - 2025-01-03 | a year

This page contains 1 frames:

Primary Page: https://gqdm6.com/
Frame ID: C098CD7C02F6039A24C5688F308561B8
Requests: 30 HTTP requests in this frame

Page URL History

  1. http://gqdm6.com/ HTTP 307
    https://gqdm6.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30 Requests
87 % HTTPS
14 % IPv6
6 Domains
7 Subdomains
7 IPs
4 Countries
623 kB Transfer
851 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gqdm6.com/ HTTP 307
    https://gqdm6.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource Path | Size x-fer | Type MIME-Type
Primary Request /
gqdm6.com/
Redirect Chain
  • http://gqdm6.com/
  • https://gqdm6.com/
81 KB
15 KB
Document
General
Full URL
https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.125.98 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
26ebec6b6d64a67b307068df62721c6548529a2b7eeb0f64011d18b187cf857d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 13:37:50 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://gqdm6.com/
Non-Authoritative-Reason
HttpsUpgrades
stylec_7.css
v456.xayrc.com/zz/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://v456.xayrc.com/zz/css/stylec_7.css?1.5
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
454de0c6bf712959c39c385d44c05be9b7905d9ccc3d156afd20cbf3985204a9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:57 GMT
server
Tengine
etag
W/"63916395-8392"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
h5-slider-3.css
v456.xayrc.com/zz/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://v456.xayrc.com/zz/css/h5-slider-3.css?1.5
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
6560f7ef0ccb5d1990e0a63fbd5e1061bd6e3a9cfac9cfd7d0f2dfc06adf8918

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:57 GMT
server
Tengine
etag
W/"63916395-3ba4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
wxv.js
v456.xayrc.com/f/
1 KB
910 B
Script
General
Full URL
https://v456.xayrc.com/f/wxv.js?1.7
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
1c66b8eaebd8c8fb52380c0a92eb1c6c5cac8b51b886cb1a1cc5260ece64bec3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-443"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/
93 KB
34 KB
Script
General
Full URL
https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
220.169.152.49 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:37:52 GMT
content-encoding
br
ohc-cache-hit
yy2ct76 [2], xiangyctcache62 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 07 Jan 2015 09:16:30 GMT
server
JSP3/2.0.14
age
521128
etag
"54acf96e-1727b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Fri, 26 Apr 2024 05:19:09 GMT
expires
Sun, 26 May 2024 05:19:09 GMT
jquery.lazyload.min.js
v456.xayrc.com/f/
3 KB
2 KB
Script
General
Full URL
https://v456.xayrc.com/f/jquery.lazyload.min.js
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
93b47be8dc356454f920599dabd4ba6830e60776cae2f9b073b6c7732b4c8bcf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-d36"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
common.js
v456.xayrc.com/zz/js/
14 KB
5 KB
Script
General
Full URL
https://v456.xayrc.com/zz/js/common.js
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
8c7e725353c984af34b62d19aa305edf98a5d53a72271de6d538f6709ca19b87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-37c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
function.js
v456.xayrc.com/zz/js/
17 KB
5 KB
Script
General
Full URL
https://v456.xayrc.com/zz/js/function.js
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
ada449ebd9283cd81910321f043d949b54af50fd28730f39e7705eec1ce9374f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-4201"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
history.js
v456.xayrc.com/zz/js/
6 KB
2 KB
Script
General
Full URL
https://v456.xayrc.com/zz/js/history.js?1.2
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
fbfea7295f6ec647e0501ced67b3592c81b2a0457ec9417b08bdbe71648838a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-1747"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:56 GMT
load.gif
gqdm6.com/pic/
830 B
1 KB
Image
General
Full URL
https://gqdm6.com/pic/load.gif
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.125.98 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
8ee8940d44a1d7cb5c30071e4ababac0a79726f74d10a8fdb12417bc7df42a5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:37:50 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 23 Oct 2023 10:10:56 GMT
server
nginx
etag
"653646b0-33e"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
830
expires
Tue, 18 Jun 2024 13:37:50 GMT
head.js
v456.xayrc.com/mf/
2 KB
861 B
Script
General
Full URL
https://v456.xayrc.com/mf/head.js?1.2
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
1aafc6b95923d908bef6566f796986649c180cedb2e83db8542366af55b1a32a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:57 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:57 GMT
server
Tengine
etag
W/"63916395-6d7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:57 GMT
tt6.js
v456.xayrc.com/f/
16 KB
6 KB
Script
General
Full URL
https://v456.xayrc.com/f/tt6.js?2.5
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
ce4497edbae64777deacdd4a79d25e728aef113b6bf09f58398acccb1bd3f2a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:57 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
W/"63916396-3f0b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 20 May 2024 01:30:57 GMT
load.gif
gqdm6.com/pic/
830 B
1 KB
Image
General
Full URL
https://gqdm6.com/pic/load.gif
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.125.98 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
8ee8940d44a1d7cb5c30071e4ababac0a79726f74d10a8fdb12417bc7df42a5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:37:52 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 23 Oct 2023 10:10:56 GMT
server
nginx
etag
"653646b0-33e"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
830
expires
Tue, 18 Jun 2024 13:37:52 GMT
ico.png
v456.xayrc.com/images/
5 KB
5 KB
Image
General
Full URL
https://v456.xayrc.com/images/ico.png
Requested by
Host: v456.xayrc.com
URL: https://v456.xayrc.com/zz/css/stylec_7.css?1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
513d6ef72e74d979011c4816dee1d5307dc4603f06854106590f4cfebb0f7fc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://v456.xayrc.com/zz/css/stylec_7.css?1.5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:57 GMT
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
"63916396-13cd"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5069
expires
Tue, 18 Jun 2024 13:30:57 GMT
login.png
v456.xayrc.com/images/
3 KB
3 KB
Image
General
Full URL
https://v456.xayrc.com/images/login.png
Requested by
Host: v456.xayrc.com
URL: https://v456.xayrc.com/zz/css/stylec_7.css?1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.192.24 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
c88c6e6b43636d6ebe8be7cd995e4477909d155e9eed67ffe498cca05bfb39b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://v456.xayrc.com/zz/css/stylec_7.css?1.5
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:30:57 GMT
last-modified
Thu, 08 Dec 2022 04:09:58 GMT
server
Tengine
etag
"63916396-c8d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3213
expires
Tue, 18 Jun 2024 13:30:57 GMT
push.js
zz.bdstatic.com/linksubmit/
308 B
553 B
Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:37:53 GMT
content-encoding
br
tracecode
03912446500287414026051915
ohc-response-time
1 0 0 0 0 0
last-modified
Sat, 20 Apr 2024 14:10:23 GMT
server
JSP3/2.0.14
age
22967
etag
"6623cccf-134"
ohc-cache-hit
gz3un62 [2], zhuzuncache52 [2]
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
ohc-global-saved-time
Sun, 19 May 2024 07:06:31 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a42b56b2756fabf169fccd17d6046794
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
143c1390ee24caebda80fdd2f087f1a8a6c103df6e46ad468df7ef08eae65d72
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 13:37:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
696940840e205b892388e8c299b5994e
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?e1ad3de3f92aeed1bf0ba6f39ee01ea6
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
f05d3916135252caaefad03504f0eac568494c5aa9df0b251991557302894efb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 13:37:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
9d5f742db2681907a93e161fbb6c6d03
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
0076NW5Ngy1ge3ztw2rdej307i0b90uy.jpg
lz.sinaimg.cn/mw690/
55 KB
56 KB
Image
General
Full URL
https://lz.sinaimg.cn/mw690/0076NW5Ngy1ge3ztw2rdej307i0b90uy.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
44f480a52800cb4e0de0fb697850969c88659a827e8026e6818ad08eeec697a0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 14:17:59 GMT
x-fc-max-memory-usage
86.70
via
cache29.l2us1[0,0,200-0,H], cache20.l2us1[1,0], ens-cache16.se2[0,0,200-0,H], ens-cache5.se2[3,0]
x-oss-request-id
65FC41971CB9E83936C6D8F6
x-fc-invocation-duration
4
age
5095195
x-swift-cachetime
4262035
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
65FC41971CB9E83936C6D8F6
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 06:24:04 GMT
content-length
56616
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
x-request-id
1-64f4922a-a861ba3e11e9a2c2d753c9f3
pragma
public
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(56616,0.009)
etag
1-ef3894702546693f619aef385379f5ab
ali-swift-global-savetime
1711030679
content-type
image/jpeg
access-control-expose-headers
Date,x-fc-request-id,x-fc-error-type,x-fc-code-checksum,x-fc-invocation-duration,x-fc-max-memory-usage,x-fc-log-result,x-fc-invocation-code-version,x-fc-instance-id
cache-control
max-age=864000
x-fc-instance-id
c-657852f2-e100aa9552ab4a2f93d0
timing-allow-origin
*
x-fc-code-checksum
1750841129494459279
eagleid
2ff62c9917161258743577811e
x-fc-invocation-service-version
113
expires
Sun, 31 Mar 2024 14:17:59 GMT
8a65eec0gy1hnu9mdyrx1j207i0amgmz.jpg
lz.sinaimg.cn/large/
59 KB
60 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1hnu9mdyrx1j207i0amgmz.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4851b644d05cb9a162479cb9143d00f74d047ee7cbf36acc390c6d28076e49c9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Mar 2024 12:35:43 GMT
via
cache6.l2us1[0,0,200-0,H], cache35.l2us1[1,0], ens-cache7.se2[0,0,200-0,H], ens-cache5.se2[2,0]
x-oss-request-id
65F6E39F3D441B3033749157
age
5446931
x-swift-cachetime
3873508
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
65F6E39F3D441B3033749157
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 16:37:15 GMT
content-length
60915
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(60915,35.000)
etag
"1-7a3284fa3dae7d97b2301bf12ba95bd4"
ali-swift-global-savetime
1710678943
content-type
image/jpeg
cache-control
max-age=864000
timing-allow-origin
*
eagleid
2ff62c9917161258743587814e
x-oss-server-time
62
expires
Wed, 27 Mar 2024 12:35:43 GMT
8a65eec0gy1heostehk58j207i0aimxl.jpg
lz.sinaimg.cn/large/
26 KB
26 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1heostehk58j207i0aimxl.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b684cad925b89cea3d7cfb3ca84b1b0272e852fcfdd7676647c9e71f9ace96c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 23 Apr 2024 05:44:14 GMT
date
Sat, 13 Apr 2024 05:44:14 GMT
via
cache25.l2us1[0,0,304-0,H], cache29.l2us1[1,0], ens-cache8.se2[0,0,200-0,H], ens-cache5.se2[1,0]
x-fc-max-memory-usage
120.61
x-oss-request-id
661A1BAEA8317D36386AEA4D
x-fc-invocation-duration
3
age
3138820
x-swift-cachetime
5526099
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
661A1BAEA8317D36386AEA4D
x-oss-cdn-auth
success
x-swift-savetime
Sun, 19 May 2024 06:42:35 GMT
content-length
26254
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
pragma
public
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(26254,93.000)
etag
"1-c1a7a2c3ad4c4ec738d452e118087436"
ali-swift-global-savetime
1712987054
content-type
image/jpeg
access-control-expose-headers
Date,x-fc-request-id,x-fc-error-type,x-fc-code-checksum,x-fc-invocation-duration,x-fc-max-memory-usage,x-fc-log-result,x-fc-invocation-code-version,x-fc-instance-id
cache-control
max-age=864000
x-fc-instance-id
c-65c86e66-13f77bca-e7ecdcfda732
timing-allow-origin
*
x-fc-code-checksum
6696395370898988471
eagleid
2ff62c9917161258743597815e
x-fc-invocation-service-version
124
x-oss-server-time
113
8a65eec0gy1hnu9ffpercj207i0aidh4.jpg
lz.sinaimg.cn/large/
56 KB
57 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1hnu9ffpercj207i0aidh4.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2607dc9265870e52b9f57e62e56819348526b24fb790b3a312c0f89bffe05204

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 09:32:26 GMT
via
cache7.l2us1[0,0,200-0,H], cache15.l2us1[1,0], ens-cache20.se2[0,0,200-0,H], ens-cache5.se2[3,0]
x-oss-request-id
663DE9AACB1CB03031D25F34
age
792328
x-swift-cachetime
8528909
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
663DE9AACB1CB03031D25F34
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 16:23:57 GMT
content-length
57747
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(57747,108.000)
etag
"1-d605f0dbb1719267a007a38def4d3af8"
ali-swift-global-savetime
1715333546
content-type
image/jpeg
cache-control
max-age=864000
timing-allow-origin
*
eagleid
2ff62c9917161258743577812e
x-oss-server-time
127
expires
Mon, 20 May 2024 09:32:26 GMT
8a65eec0gy1hnu9pubhpzj207i0aldgz.jpg
lz.sinaimg.cn/large/
51 KB
52 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1hnu9pubhpzj207i0aldgz.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2daa565535ced4e326349ecdfdcfc148157b9f2c949c1e0963b0a88253ec2fa0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Mar 2024 12:36:47 GMT
via
cache33.l2us1[0,0,200-0,H], cache32.l2us1[1,0], ens-cache11.se2[0,0,200-0,H], ens-cache5.se2[1,0]
x-oss-request-id
65F6E3DFA905253530247E59
age
5446867
x-swift-cachetime
3869677
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
65F6E3DFA905253530247E59
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 17:42:10 GMT
content-length
52643
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(52643,23.000)
etag
"1-90d982022321bdfc978ec10562d90bf5"
ali-swift-global-savetime
1710679007
content-type
image/jpeg
cache-control
max-age=864000
timing-allow-origin
*
eagleid
2ff62c9917161258743597816e
x-oss-server-time
44
expires
Wed, 27 Mar 2024 12:36:47 GMT
006si4WOgy1gfjzighv73j307i0apjry.jpg
lz.sinaimg.cn/large/
30 KB
31 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/006si4WOgy1gfjzighv73j307i0apjry.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c56fa250c6d20bf37a28ae9ecdf94c2c1d89f9e639dfa48e2029ad50047dcd51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 04 Mar 2024 12:50:34 GMT
x-fc-max-memory-usage
44.36
via
cache35.l2us1[0,3,200-0,H], cache16.l2us1[5,0], ens-cache6.se2[0,0,200-0,H], ens-cache5.se2[2,0]
x-oss-request-id
65E5C39A0C33C134385999D4
x-fc-invocation-duration
28
age
6569240
x-swift-cachetime
2781003
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
65E5C39A0C33C134385999D4
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 08:20:31 GMT
content-length
30616
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
x-request-id
1-6561ed41-abbb816258d186220df300a3
pragma
public
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
etag
"1-8630b6ce44630abe9433e2267a5a0afc"
ali-swift-global-savetime
1709556634
content-type
image/jpeg
access-control-expose-headers
Date,x-fc-request-id,x-fc-error-type,x-fc-code-checksum,x-fc-invocation-duration,x-fc-max-memory-usage,x-fc-log-result,x-fc-invocation-code-version,x-fc-instance-id
cache-control
max-age=864000
x-fc-instance-id
c-6561e368-4e3c59dc8a4e4675a184
timing-allow-origin
*
x-fc-code-checksum
17799519912393595615
eagleid
2ff62c9917161258743607817e
x-fc-invocation-service-version
117
expires
Thu, 14 Mar 2024 12:50:34 GMT
8a65eec0gy1hnu2yvkycdj207i0alwij.jpg
lz.sinaimg.cn/large/
156 KB
156 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1hnu2yvkycdj207i0alwij.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3cf701a2ab9774f54311e4a478ab7b7aa752ea7b86b5f20063fad6bbc09aba5a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 16:15:43 GMT
via
cache25.l2us1[0,15,200-0,H], cache8.l2us1[17,0], ens-cache17.se2[0,0,200-0,H], ens-cache5.se2[1,0]
x-oss-request-id
663A53AFD725663132E9F06C
age
1027331
x-swift-cachetime
8329035
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
663A53AFD725663132E9F06C
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 06:38:28 GMT
content-length
159671
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(159671,95.000)
etag
"1-f4072cee07d35661d19a2f65bcd34697"
ali-swift-global-savetime
1715098543
content-type
image/jpeg
cache-control
max-age=864000
timing-allow-origin
*
eagleid
2ff62c9917161258744607868e
x-oss-server-time
125
expires
Fri, 17 May 2024 16:15:43 GMT
8a65eec0gy1hnu2wwikuwj207i0aljsx.jpg
lz.sinaimg.cn/large/
66 KB
66 KB
Image
General
Full URL
https://lz.sinaimg.cn/large/8a65eec0gy1hnu2wwikuwj207i0aljsx.jpg
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:196:0:3::7e5 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5956aa2a9f03caa41e362d32c1b6058a8ba81172f8a6a4aa184883e86c30353a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 04:40:02 GMT
via
cache11.l2us1[0,0,200-0,H], cache36.l2us1[1,0], ens-cache2.se2[0,0,200-0,H], ens-cache5.se2[1,0]
x-oss-request-id
66137522BA007A3232EC3C30
age
3574672
x-swift-cachetime
5783154
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-fc-request-id
66137522BA007A3232EC3C30
x-oss-cdn-auth
success
x-swift-savetime
Sat, 11 May 2024 06:14:08 GMT
content-length
67167
x-via-cdn
f=aliyun,s=ens-cache5.se2,c=2001:1b60:2:240:3247::7;
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(67167,50.000)
etag
"1-966066171ebf5abdddf25d27709e4407"
ali-swift-global-savetime
1712551202
content-type
image/jpeg
cache-control
max-age=864000
timing-allow-origin
*
eagleid
2ff62c9917161258744607869e
x-oss-server-time
74
expires
Thu, 18 Apr 2024 04:40:02 GMT
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/
0
116 B
Image
General
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://gqdm6.com/
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 19 May 2024 13:37:56 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1241750208&si=a42b56b2756fabf169fccd17d6046794&v=1.3.0&lv=1&sn=26364&r=0&ww=1600&u=https%3A%2F%2Fgqdm6.com%2F&tt=%E5%8A%A8%E7%94%BB%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E8%8A%B1%E5%8A%A8%E6%BC%AB%E4%B8%8B%E8%BD%BD_%E5%8A%A8%E7%94%BB%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%20-%20%E9%80%9F%E9%80%9F%E5%8A%A8%E6%BC%AB
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 19 May 2024 13:37:56 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=2074532139&si=e1ad3de3f92aeed1bf0ba6f39ee01ea6&v=1.3.0&lv=1&sn=26365&r=0&ww=1600&u=https%3A%2F%2Fgqdm6.com%2F&tt=%E5%8A%A8%E7%94%BB%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E8%8A%B1%E5%8A%A8%E6%BC%AB%E4%B8%8B%E8%BD%BD_%E5%8A%A8%E7%94%BB%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%20-%20%E9%80%9F%E9%80%9F%E5%8A%A8%E6%BC%AB
Requested by
Host: gqdm6.com
URL: https://gqdm6.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 19 May 2024 13:37:55 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
gqdm6.com/
4 KB
4 KB
Other
General
Full URL
https://gqdm6.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.125.98 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e588ad4da610824b6e8a0f2a09b4ad385492efc9d27aead238bb8f4ee2627a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gqdm6.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 13:37:56 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 23 Oct 2023 10:10:56 GMT
server
nginx
etag
"653646b0-10be"
content-type
image/x-icon
accept-ranges
bytes
content-length
4286


107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isWeiXin function| isMobile boolean| is_qq number| qq_m undefined| URL_1 string| sitePath function| $ function| jQuery function| AJAX function| checkAll function| checkOthers function| textareasize function| set function| view function| hide function| getScroll function| HtmlEncode function| getElementsByName function| closeWin function| openWindow function| openWindow2 function| selectTogg function| checkInput function| copyToClipboard function| getUrlArgs function| setTab function| $$ function| Order object| ajax function| reportErr function| viewComment function| submitComment function| diggVideo function| treadVideo function| diggNews function| treadNews function| alertFrontWin function| getAspParas function| getHtmlParas function| handleParas function| regexpSplice function| getPageValue function| getPageGoUrl function| goSearchPage function| goCascadePage function| leaveWord function| getVideoHit function| getNewsHit function| markscore0 function| showpf function| markscore1 function| markNews2 function| markNews function| markVideo2 function| markVideo function| addFavorite function| setHome function| addFace function| openWin function| loadSlide function| stringReplaceAll function| addRemoteFavor object| base64DecodeChars function| base64decode object| $MH number| _btn_ty_1 function| setTab_2 function| addjs function| mredirect function| checknj function| isiphone function| isfeijisu function| isqqweb function| showdd function| addddj function| hidebaidu2 function| baocuo function| getval string| w string| h function| openplay function| openplay_load function| CheckPlayTypeOk function| is_weixn function| is_iPad function| showplay2 function| showplaytext11 function| showplaytext44 function| showplaytext33 function| showt0 function| showplaytext22 function| showplaytextjm function| showplaytextzz function| showplaytextother string| finalurl number| g_i4 string| g_ifrmaurl number| g_r_height number| g_layer function| goplay function| goplay2 object| jQuery17209718596270795545 boolean| _bdhm_loaded_a42b56b2756fabf169fccd17d6046794 object| _hmt object| mini_tangram_log_a3xpio boolean| _bdhm_loaded_e1ad3de3f92aeed1bf0ba6f39ee01ea6 object| mini_tangram_log_yemx53

5 Cookies

Domain/Path Name / Value
.gqdm6.com/ Name: Hm_lvt_a42b56b2756fabf169fccd17d6046794 Value: 1716125874
.gqdm6.com/ Name: Hm_lpvt_a42b56b2756fabf169fccd17d6046794 Value: 1716125874
.hm.baidu.com/ Name: HMACCOUNT_BFESS Value: 7A9294DC4406B309
.gqdm6.com/ Name: Hm_lvt_e1ad3de3f92aeed1bf0ba6f39ee01ea6 Value: 1716125875
.gqdm6.com/ Name: Hm_lpvt_e1ad3de3f92aeed1bf0ba6f39ee01ea6 Value: 1716125875

20 Console Messages

Source Level URL
Text
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/mw690/0076NW5Ngy1ge3ztw2rdej307i0b90uy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9mdyrx1j207i0amgmz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1heostehk58j207i0aimxl.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9ffpercj207i0aidh4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9pubhpzj207i0aldgz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/006si4WOgy1gfjzighv73j307i0apjry.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu2yvkycdj207i0alwij.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu2wwikuwj207i0aljsx.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://gqdm6.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/mw690/0076NW5Ngy1ge3ztw2rdej307i0b90uy.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9ffpercj207i0aidh4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9mdyrx1j207i0amgmz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1heostehk58j207i0aimxl.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu9pubhpzj207i0aldgz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/006si4WOgy1gfjzighv73j307i0apjry.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu2yvkycdj207i0alwij.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://gqdm6.com/
Message:
Mixed Content: The page at 'https://gqdm6.com/' was loaded over HTTPS, but requested an insecure element 'http://lz.sinaimg.cn/large/8a65eec0gy1hnu2wwikuwj207i0aljsx.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://gqdm6.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gqdm6.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gqdm6.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
