GET 3dqd.com/img/2/meituxiuxiu2203.gif
200 OK 5.7 MB URL GET 3dqd.com/img/2/meituxiuxiu2203.gif
IP
File type GIF image data, version 89a, 800 x 450
Size 5.7 MB (5684725 bytes)
Hash b8033d9dff40e4b97cf79fb4e3623f71
b93f8f51243061224409d4635232e8a7bfa6e8a3
4cd86e58411ef3e1e2f02a29bc9d94d14d437ff13be87c99bca54b52afcfa308
GET /img/2/meituxiuxiu2203.gif HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Nov 2024 22:09:04 GMT
Vary: Accept-Encoding
ETag: W/"672be900-56bdf5"
Expires: Thu, 15 May 2025 12:01:19 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5c%2BlqxX79TH8Plr9bBo2Ck5Qjyv9CoYAUzIg0vIOD0i3UYFki%2F8pWlI%2B%2F5VIvdCwam%2FTw7odGegTeqzERKdmxKXrrEkV7VtOKNRlNpzo2cmyFONOgzJGtkHp0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b496089ad56c0-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1224&min_rtt=414&rtt_var=1245&sent=73&recv=19&lost=0&retrans=1&sent_bytes=87771&recv_bytes=4984&delivery_rate=19862825&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/n5vxi33om5vgs.script
200 OK 120 B URL GET 3dqd.com/js/n5vxi33om5vgs.script
IP
File type ASCII text, with no line terminators
Hash 2618d5ca43a58e34aa8cef4a7c58bc9f
9df6bc13062277aed0acc9a43ec4541ae67e040d
c4be8cf28d733cc383fc19202750b026779a2a91bc9efaaa365bbb3b6abd40e3
GET /js/n5vxi33om5vgs.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:07 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BynltdzTvHdFW0vjLIuGoT2RduSepNVN9A8wDW77zD%2FHiS%2FonKcsSFOBX%2FRLvGV5EAj8noRlzPpOC4UEbEbHbYLFf16a%2Bx7CmyZovR%2FQ2Mzz6%2BLWDeA3e5JGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49511c99b51b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=611&min_rtt=493&rtt_var=193&sent=16&recv=12&lost=0&retrans=0&sent_bytes=11016&recv_bytes=3242&delivery_rate=8660287&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET hhapk777.getehu.com/3391/1372/1372-960x80.gif
200 OK 386 kB URL GET hhapk777.getehu.com/3391/1372/1372-960x80.gif
IP
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT
File type GIF image data, version 89a, 960 x 80
Size 386 kB (385649 bytes)
Hash 99420771ab574e6197a995c28a8e22fb
eb51cd497134b44e1c957b10caf4d2c9569668a5
e0f9613ae55c18751ed65c2b466290eec01e4d71bc4881c52d71578456582d8a
GET /3391/1372/1372-960x80.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 385649
strict-transport-security: max-age=5184000
date: Thu, 10 Apr 2025 01:03:30 GMT
expires: Sat, 10 May 2025 01:03:30 GMT
cache-control: max-age=2592000
last-modified: Mon, 20 Jan 2025 07:20:43 GMT
vary: Accept-Encoding
etag: "678df94b-5e271"
accept-ranges: bytes
via: cache24.l2cn3147[0,0,200-0,H], cache18.l2cn3147[6,0], kunlun9.cn7140[0,0,200-0,H], kunlun10.cn7140[2,0]
age: 471458
ali-swift-global-savetime: 1744247010
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 14 Apr 2025 18:43:28 GMT
x-swift-cachetime: 2182802
timing-allow-origin: *
eagleid: 6f035b1e17447184686013388e
X-Firefox-Spdy: h2
GET img.blkj58.com/images/5d10ab57-6bce-4701-bd02-2651093a4571
302 Found 273 kB URL GET img.blkj58.com/images/5d10ab57-6bce-4701-bd02-2651093a4571
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectimg.blkj58.com
FingerprintB6:48:36:B4:69:43:47:29:16:B4:8C:B6:D4:D8:5A:88:F5:CD:64:48
ValidityWed, 09 Apr 2025 06:06:00 GMT - Tue, 08 Jul 2025 06:05:59 GMT
Size 273 kB (273082 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/5d10ab57-6bce-4701-bd02-2651093a4571 HTTP/1.1
Host: img.blkj58.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 15 Apr 2025 12:01:07 GMT
content-length: 0
location: https://cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif
server: BunnyCDN-SG1-1274
cdn-pullzone: 3585066
cdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954
cdn-requestcountrycode: NO
access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 302
cdn-cachedat: 04/14/2025 14:35:21
cdn-edgestorageid: 1274
cdn-requestid: bc335ec2540caaeec3a1895845015c8e
cdn-cache: HIT
cdn-status: 302
cdn-requesttime: 0
X-Firefox-Spdy: h2
GET v.xn--xhq326aj6yqpw.com/e20241129_2017_1.gif
200 OK 85 kB URL GET v.xn--xhq326aj6yqpw.com/e20241129_2017_1.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 150 x 150
Hash 5d7789307718c0a7e1fde11be46dbf24
9819f03d806e2562b08a1861e26db9c57e66c577
42aa8416b9dcd2ab1b891430b7bcba273e4bf009e437966c1e1f01616e51ff0c
GET /e20241129_2017_1.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: image/gif
content-length: 84648
server: cloudflare
accept-ranges: bytes
last-modified: Fri, 29 Nov 2024 12:23:03 GMT
etag: "6749b227-14aa8"
expires: Sat, 10 May 2025 06:53:01 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 450487
cf-ray: 930b495afdc1b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif
200 OK 417 kB URL GET cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif
IP
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type GIF image data, version 89a, 200 x 200
Size 417 kB (416881 bytes)
Hash dc8ff108f0a8d2faa220b9fdac680589
7b861f20bd0e553e2427984aba8e55491515404f
23cb555b99f9f5d8e13380227ef7da4ca264a905a920f80bcfc14dcbef130668
GET /img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 416881
date: Fri, 21 Feb 2025 06:57:55 GMT
last-modified: Fri, 21 Feb 2025 06:52:05 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.014
traceid: a3b5319717401210752482241e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: cache24.l2fr1[0,0,200-0,H], cache40.l2fr1[2,0], ens-cache23.fr6[0,0,200-0,H], ens-cache26.fr6[1,0]
access-control-allow-origin: *
age: 4597394
ali-swift-global-savetime: 1740121075
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 11 Apr 2025 18:14:29 GMT
x-swift-cachetime: 27261806
timing-allow-origin: *
eagleid: a3b5fdae17447184696661582e
X-Firefox-Spdy: h2
GET 3dqd.com/img/2/meituxiuxiu2412.gif
200 OK 393 kB URL GET 3dqd.com/img/2/meituxiuxiu2412.gif
IP
File type GIF image data, version 89a, 960 x 540
Size 393 kB (393216 bytes)
Hash a202ff6497141f7af55eb0f49ddf9cbd
9a7dbcdf19cc76ba1700e6d33e8ede40293257e7
b5052442307f410954b3e8371e91b1a75a53ec73bafabb73c5c7d35c143ced4e
GET /img/2/meituxiuxiu2412.gif HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Nov 2024 22:16:22 GMT
Vary: Accept-Encoding
ETag: W/"672beab6-60000"
Expires: Thu, 15 May 2025 12:01:19 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cmo8WMZDtA8UzP76I0%2FLiMYtyvW6tIqvRhU0NxJyCrj82%2BTp920sL9iAMAgqWoY0Xlv2oagPgQl6pXIrKeXmWtMorMzRXShdrk1hf7UP6IjeyxksG81hdNlCIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49608b6eb517-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=3302&min_rtt=476&rtt_var=3420&sent=61&recv=24&lost=0&retrans=1&sent_bytes=71348&recv_bytes=4216&delivery_rate=9535967&cwnd=254&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
POST 3dqd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
200 OK 16 kB URL POST 3dqd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
IP
File type ASCII text, with very long lines (16392), with no line terminators
Hash 7ad93b45ed4575a56b6d470309a7c78f
fac34c5f8fd81ce629f0be06d98fbf48e731372a
a420b7e11158f140c729fbd814e4fe83c13786e42f34d9ebf6dcf28aa3fc5306
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/
cf-chl: oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2038
Origin: http://3dqd.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:00:56 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: WBxpLWe6Z2cW32VgoM+8lrIWsok4yVIQEsdRXZjK67c=$EHLtn1p2+3lDhgI4XjmE/g==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToHyCw4dHnHYMcrvEfz5rq34pLgOGg446ntrEf4ovBq6q5%2FJQflLvTgpbRbvBtpnw5RTANQW%2BPxw9ifef59VDUlwYIt1zrVYE7QeA3I8TVXj4U7dQbp%2B%2FoDr%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4913d9a8568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=2390&min_rtt=2390&rtt_var=1195&sent=2&recv=5&lost=0&retrans=0&sent_bytes=0&recv_bytes=2835&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
200 OK 28 kB URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
IP
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type HTML document, ASCII text, with very long lines (22054)
Hash 94a9a8f9ae3e9d7534574e94e45f5358
d8038ec078b7f744f452a5e1c15ea3cce0832ebd
8b9648111a30cbc4d3d755f88dbcc5821f68125ca6cb98f6fa6d35998e15b552
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 15 Apr 2025 12:00:57 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-NwormxXF8ubPREXn' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 930b49151df256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET 3dqd.com/statics/okav/static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2
200 OK 8.0 kB URL GET 3dqd.com/statics/okav/static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /statics/okav/static/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2 HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/statics/okav/static/css/stylesheet.css
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: font/woff2
Content-Length: 8000
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:00 GMT
ETag: "6660f174-1f40"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bx1YgZr3mEfZIBlemG50agQt4W0Svaio7%2BQBrxWeMKSt0adLkUrDGmEBtRtgzfmlyjM6%2BvqZXccK2kMKq%2FnVQDT5qDXABcfnbVOBq7nE6FK1X0lEPtX2CIp2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b4952fc84b517-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=2059&min_rtt=476&rtt_var=1247&sent=52&recv=22&lost=0&retrans=0&sent_bytes=62224&recv_bytes=3391&delivery_rate=9535967&cwnd=254&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/lbkee.script
200 OK 9.6 kB IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9a746c6f62e1def29f7f3f7eb054bfde
16575d45d4ed914036592f53591342a584d58958
a1511b6a1931672c5e8ab521a5438f8e5eae1b122753951ac95569808b045a16
GET /js/lbkee.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BUl%2BecqFqQjz2AgowFVdy4r9NRGFN%2FbYCH2rXH7rriQh5XGIYfFTTzJB0lcjKw8MlcxLr9gDKiIwkjwi16zmOell124ntM47HEFaH4V80xHb4O1JXkX%2BuGTtw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494bec26b51b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=551&min_rtt=493&rtt_var=156&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3715&recv_bytes=1624&delivery_rate=8382054&cwnd=253&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/picture/0.gif
200 OK 43 B URL GET 3dqd.com/statics/okav/static/picture/0.gif
IP
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /statics/okav/static/picture/0.gif HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:12 GMT
ETag: "6660f180-2b"
Expires: Thu, 15 May 2025 12:01:17 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSArEoVQxIgb2f%2FOO7BjOhVpQBx%2F5JRuwUCUpxHZPbOW63ZMMMgc4I14kwEbg2YQz56VrBZXxyMAhq8ae%2F5c489qJUUpZovSkWWdXCTv2zOvWqDwoygaf77xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b49534f9656cb-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1305&min_rtt=415&rtt_var=438&sent=50&recv=24&lost=0&retrans=0&sent_bytes=60259&recv_bytes=3277&delivery_rate=38105263&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/modernizr-3.5.0.js
200 OK 93 kB URL GET 3dqd.com/statics/okav/static/js/modernizr-3.5.0.js
IP
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (35576)
Hash 344cd468764399d95638b2d70d9024eb
6052715dbb98031608f2786553137438dba76df2
f5427eada130f045783f250d76c0e39f9264460b16e2b5775a87ab70a2d48f36
GET /statics/okav/static/js/modernizr-3.5.0.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:10 GMT
Vary: Accept-Encoding
ETag: W/"6660f17e-16a51"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiVt5Z2ScXq2ggJFiGIYTsgfYU%2FhIKs4Q5aIOQLTn2YmY6wfrhzgmpWWyNcupYedlpUImA%2B4dtPHP0l1zjPRke4hU0yzoTBnHAtnC9WsPFxUaPYUDCfaKE39rw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494f5e6bb517-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1677&min_rtt=476&rtt_var=368&sent=24&recv=19&lost=0&retrans=0&sent_bytes=25336&recv_bytes=2459&delivery_rate=9535967&cwnd=254&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET v.xn--xhq326aj6yqpw.com/e20241129_2010_1.gif
200 OK 51 kB URL GET v.xn--xhq326aj6yqpw.com/e20241129_2010_1.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 350 x 200
Hash 8409be7b288e59aa3425e07ace0df045
62a70ecbcb78cbf94037f423f4c2fdad15bc095a
6006973cc12c732b4c7739f2b72199712b27ed50a6b382028ca3a0c944576f47
GET /e20241129_2010_1.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:09 GMT
content-type: image/gif
content-length: 51379
server: cloudflare
accept-ranges: bytes
last-modified: Fri, 29 Nov 2024 12:18:56 GMT
etag: "6749b130-c8b3"
expires: Mon, 12 May 2025 06:27:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 279225
cf-ray: 930b49608d5bb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 3dqd.com/img/2/meituxiuxiu3156.gif
200 OK 1.5 MB URL GET 3dqd.com/img/2/meituxiuxiu3156.gif
IP
File type GIF image data, version 89a, 250 x 342
Size 1.5 MB (1544142 bytes)
Hash 00a8831b7d99cf3a6425cea05d35729a
9c09495412fda06ced2a41ad7c10bd1b9c4e5b33
7d19443024933ebe4c88e01a102efce40c3a312b494bff95598b220f4f983c8c
GET /img/2/meituxiuxiu3156.gif HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Nov 2024 21:35:18 GMT
Vary: Accept-Encoding
ETag: W/"672be116-178fce"
Expires: Thu, 15 May 2025 12:01:19 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cgNMLzTqV6iQwoi%2FJJgCnhPPgEFZylFWOgMXWIPwMMCCHfxkyZR%2FYILMXFEPx%2BE7Eqvq5yYsyDCPqv1JKbCbdqIYDmBoSvzxuBLN8XW08XlgAwDoY7ppKWOXzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49608e6656cb-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=6298&min_rtt=415&rtt_var=10314&sent=52&recv=26&lost=0&retrans=0&sent_bytes=61245&recv_bytes=4102&delivery_rate=38105263&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit
200 OK 48 kB URL GET challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit
IP
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type JavaScript source, ASCII text, with very long lines (48122)
Hash d00e161860ff36cf8482d4768e280cab
a6d5b477886524767e67d3edee385cd2c9f41a54
ca540bf2ebcfb08c9c8c92512c58707f1a62a572efd7ac409cba2229b55f012c
GET /turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3dqd.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:00:56 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 04 Apr 2025 13:58:27 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 930b4912cfe156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET img.mresou.com/img/23082401.gif%3E%3C/a%3E%3Cdiv%3E%E6%88%90%E4%BA%BA%E6%8A%96%E9%98%B4%3C/div%3E%3C/div%3E%3Cdiv%20style=
404 Not Found 0 B URL GET img.mresou.com/img/23082401.gif%3E%3C/a%3E%3Cdiv%3E%E6%88%90%E4%BA%BA%E6%8A%96%E9%98%B4%3C/div%3E%3C/div%3E%3Cdiv%20style=
IP
Certificate IssuerGoogle Trust Services
Subjectmresou.com
Fingerprint83:14:AB:DE:AB:A3:E4:94:B2:49:5F:1D:3E:DA:B6:4F:4F:EC:8F:3D
ValidityWed, 19 Feb 2025 07:20:45 GMT - Tue, 20 May 2025 08:13:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/23082401.gif%3E%3C/a%3E%3Cdiv%3E%E6%88%90%E4%BA%BA%E6%8A%96%E9%98%B4%3C/div%3E%3C/div%3E%3Cdiv%20style= HTTP/1.1
Host: img.mresou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: text/html
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 930b4959494e0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 3dqd.com/statics/okav/static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2
200 OK 7.8 kB URL GET 3dqd.com/statics/okav/static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /statics/okav/static/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2 HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/statics/okav/static/css/stylesheet.css
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: font/woff2
Content-Length: 7816
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:10 GMT
ETag: "6660f17e-1e88"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5OmThQNp4SFFG8O6HJeGtqeceGXQD%2FO604ZLG8uNlzInbGQCcCC3mgFW58%2B9b7ccSdAyqTCMbwszTpChnJ0gKmZ2bSReVD6zTxLuKZJApJgXsFWSU%2Fcaz288g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b4951feee568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=565&rtt_var=656&sent=66&recv=61&lost=0&retrans=0&sent_bytes=65081&recv_bytes=15629&delivery_rate=20909747&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET v.xn--xhq326aj6yqpw.com/gif/e20240611_1719_1.gif
200 OK 73 kB URL GET v.xn--xhq326aj6yqpw.com/gif/e20240611_1719_1.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 300 x 200
Hash c1554e98b402fd448cd4e6800cd7d567
b8c90dad8a07440a6dc26a00eab16cff7e16cc35
aeab67c39ca595b74dce315a126403e540c0033ccd5fd96b57203105577e66f2
GET /gif/e20240611_1719_1.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:09 GMT
content-type: image/gif
content-length: 72965
server: cloudflare
accept-ranges: bytes
last-modified: Tue, 11 Jun 2024 09:20:41 GMT
etag: "666816e9-11d05"
expires: Mon, 12 May 2025 11:20:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 261614
cf-ray: 930b49608d5fb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET seyoutupian.dqntwl.com/960x80.gif
200 OK 340 kB URL GET seyoutupian.dqntwl.com/960x80.gif
IP
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate IssuerTrustAsia Technologies, Inc.
Subjectseyoutupian.dqntwl.com
Fingerprint7A:F2:37:B4:6E:3A:C4:DC:54:0F:0E:73:13:92:E8:DF:8D:9B:97:44
ValidityMon, 24 Feb 2025 00:00:00 GMT - Sat, 24 May 2025 23:59:59 GMT
File type GIF image data, version 89a, 960 x 80
Size 340 kB (339723 bytes)
Hash b58b6b1221c88b281476b143f8065afd
8ab029042de18f365e0d885beb43f16f34231a38
e98878d5096bfda3db02eadb4a30edbaf518b62f2ff997b417429cf5291e2fb2
GET /960x80.gif HTTP/1.1
Host: seyoutupian.dqntwl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 339723
strict-transport-security: max-age=5184000
date: Wed, 09 Apr 2025 09:03:05 GMT
expires: Fri, 09 May 2025 09:03:05 GMT
cache-control: max-age=2592000
last-modified: Wed, 12 Feb 2025 08:43:53 GMT
vary: Accept-Encoding
etag: "67ac5f49-52f0b"
accept-ranges: bytes
via: cache49.l2cn3132[0,0,200-0,H], cache50.l2cn3132[1,0], kunlun16.cn7140[0,0,200-0,H], kunlun20.cn7140[1,0]
age: 529084
ali-swift-global-savetime: 1744189385
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 14 Apr 2025 17:08:43 GMT
x-swift-cachetime: 2130862
timing-allow-origin: *
eagleid: 6f035b2817447184698558148e
X-Firefox-Spdy: h2
GET 3dqd.com/favicon.ico
403 Forbidden 5.7 kB IP
File type HTML document, ASCII text, with very long lines (5690), with no line terminators
Hash c64300a054453cca9bbb56ae5df17833
d7feaa8fc323efdcefabfcf7b021ecc14a1dba10
c7e699348f25fef5383ccaffd849d464b3b5a4a212b71f57314d9bb4ff1a250b
GET /favicon.ico HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/?__cf_chl_rt_tk=ynoA3tU.qpz4EgV9foYqUzAC5C54ZVEpQS2Ncy3ODYM-1744718456-1.0.1.1-RF_BQfhrPWPL5rt._TtU8Lpyp44KUFJWW9Ck1rjpJbw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 15 Apr 2025 12:00:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZuvQWerQepIrsaiiW9kSX65HXrzQwf5BYVz%2B%2FfcDsIgO1461MLmvVlestBTf9OMCaS50D5k8fT7qYkwkSJxXIjgIi4%2FyR%2FGl5v4pUQ%2FnwW9baMUZ8wWPqMX2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b49117b83569a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="930b49117b83569a", cfL4;desc="?proto=TCP&rtt=656&min_rtt=492&rtt_var=88&sent=29&recv=23&lost=0&retrans=0&sent_bytes=36543&recv_bytes=968&delivery_rate=27473214&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/favicon.ico
403 Forbidden 5.5 kB IP
File type HTML document, ASCII text, with very long lines (5541), with no line terminators
Hash a1c29feb7ad9011d78f034fa46d974c0
cbec07114f51fc12d3ec1e1f7306f322f35edb39
eddde5385f3c272201c49613b3db59fb689cbd45ec8750618714d6b3f416d0a7
GET /favicon.ico HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 15 Apr 2025 12:00:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVOeLzypH4eYCh41bWkktSy0R0QpOMcxYh4KGXlYt1tiOY7NoNb6sPckVpVtJFgM5l7J8NxN3mg%2B5cNh%2BkPrwTcFDVdLXAm0jviWnCnIkhhDuTdklezA%2BBVMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b49122c2856be-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="930b49122c2856be", cfL4;desc="?proto=TCP&rtt=511&min_rtt=511&rtt_var=255&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=341&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/930b49151df256ca/1744718457830/-T4-46KqcKhL5lx
200 OK 61 B URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/930b49151df256ca/1744718457830/-T4-46KqcKhL5lx
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type PNG image data, 90 x 21, 8-bit/color RGB, non-interlaced
Hash cba517ef0a0f4975ab498b82f8aed12a
829743669ed4cbd26002ecd3e05f3e5b44f29f12
232d922ac0b1072919dcb2d5c0a5c06ba4ad6bffcd9ec18bd2fc5cb62188f64d
GET /cdn-cgi/challenge-platform/h/b/d/930b49151df256ca/1744718457830/-T4-46KqcKhL5lx HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 15 Apr 2025 12:01:01 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 930b492e2f0956ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
200 OK 72 kB IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (535)
Hash cc372b022794cfa131d4dde0dddce12b
c1f7357bce787328ba81cea5772c0ff4dca68cf8
a79ab58f576e02d82de5648b9784f7c717d54310786d41bed3cca21f8ba6d2cd
POST / HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/?__cf_chl_tk=ynoA3tU.qpz4EgV9foYqUzAC5C54ZVEpQS2Ncy3ODYM-1744718456-1.0.1.1-RF_BQfhrPWPL5rt._TtU8Lpyp44KUFJWW9Ck1rjpJbw
Content-Type: application/x-www-form-urlencoded
Content-Length: 2478
Origin: http://3dqd.com
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:05 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3f2RYgOgVpHoiKcqZzqI3hwa%2B5rN5%2FVuqgV%2FgKSIzxZ29pKamqvMBGFeWZfKXYyg3bsc73BZhE5JnPlPyy7bbi4Q9Or6bQMtQqPSAAN1FtVbdWfG4VhQXB726g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49460e58568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1373&min_rtt=690&rtt_var=359&sent=22&recv=29&lost=0&retrans=0&sent_bytes=18415&recv_bytes=11473&delivery_rate=10673218&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/css/bootstrap.min.css
200 OK 197 kB URL GET 3dqd.com/statics/okav/static/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (679)
Size 197 kB (196961 bytes)
Hash f8eb4df4e4eea6de69c6c63e648bb1b2
b53d3b5a6cb3849606939c9641e6429eb9dbc281
79f3f5378bc3ebec7fc45ef75600a19b410c71f6f2623995f3cdf9ca69957a2e
GET /statics/okav/static/css/bootstrap.min.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Nov 2024 09:31:24 GMT
Vary: Accept-Encoding
ETag: W/"672b376c-30161"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAZvP4Lp%2FF9JLBWTmzcOsl8QpqnW7TbWiWQdEqUtDwAxhc%2FbCgP%2F4Vu8qmKAUilQ46sHT3QwoC9emYkff4N52ecCk6p8fIBw3LweitVdSxD%2FVbHq4KZnCzvB5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49492ad2568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=969&min_rtt=668&rtt_var=355&sent=30&recv=37&lost=0&retrans=0&sent_bytes=26809&recv_bytes=12307&delivery_rate=13389696&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/css/responsive.css
200 OK 14 kB URL GET 3dqd.com/statics/okav/static/css/responsive.css
IP
Hash 00fc10a06017cb8a7fea2ec1f91797f7
fb6f9d867fba0b322b4f7819521f04a74049a9ca
d41e391915c319670f057c209afaf5012086aca6e19d0d27723e8acc20adabaf
GET /statics/okav/static/css/responsive.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:14:56 GMT
Vary: Accept-Encoding
ETag: W/"6660f170-351b"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jT55afP7GIuUP9iKRSp3Ay58zndsGWcNdmDnZxsVaANV78LGEinyOkRMOtEgx9ulEOnv%2Bm03wlgjT0gxa7XPvuTOySO0Y5t%2FdptBXVAxduvf939%2Fua59Du9XZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49492848b51b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=493&min_rtt=493&rtt_var=246&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=831&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/favicon.png
200 OK 19 kB IP
File type PNG image data, 534 x 180, 8-bit/color RGBA, non-interlaced
Hash 9839a50d5e879d1e410b1947d664189e
eb7fd5f9c667c0c69528e86c50a8d2c461c87b2c
17b1ae7fd5059dcb106973e707dd1fccf410514187cd9df343c2af12dad77f37
GET /favicon.png HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2024 09:53:44 GMT
Vary: Accept-Encoding
ETag: W/"672899a8-4b41"
Expires: Thu, 15 May 2025 12:01:17 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMXfIx%2BlDyR2VRJC5ey9vV3MuFgvE3A%2BU2r%2Bv88iOdsQPmhlhr%2F6Hryw0IjN1uTtdxvKc2vAcmjXnWhz%2Bzo1G9uOeJvDl9aSUz2aEhV1A%2BvFMqhsXP1FV0ftXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49528fb356a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=787&min_rtt=426&rtt_var=278&sent=33&recv=18&lost=0&retrans=0&sent_bytes=30655&recv_bytes=4053&delivery_rate=23654609&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET v.xn--xhq326aj6yqpw.com/e20241129_2040_2.gif
200 OK 57 kB URL GET v.xn--xhq326aj6yqpw.com/e20241129_2040_2.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 960 x 80
Hash 731da5859a5a9f13280e80e993acc109
82865fe0c3c18319e309307abc2a3e4da1eb1fef
249c4e6939cb6e27b8c337c63c8d057736c7929df6e2f3c468c87331eca2ae56
GET /e20241129_2040_2.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: image/gif
content-length: 56558
server: cloudflare
accept-ranges: bytes
last-modified: Fri, 29 Nov 2024 12:41:53 GMT
etag: "6749b691-dcee"
expires: Tue, 29 Apr 2025 14:19:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1374128
cf-ray: 930b495b1de7b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET img.blkj58.com/images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e
302 Found 417 kB URL GET img.blkj58.com/images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectimg.blkj58.com
FingerprintB6:48:36:B4:69:43:47:29:16:B4:8C:B6:D4:D8:5A:88:F5:CD:64:48
ValidityWed, 09 Apr 2025 06:06:00 GMT - Tue, 08 Jul 2025 06:05:59 GMT
Size 417 kB (416881 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/c4c8451c-31d5-4c62-9a95-ce39f8f8073e HTTP/1.1
Host: img.blkj58.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 15 Apr 2025 12:01:07 GMT
content-length: 0
location: https://cbu01.alicdn.com/img/ibank/O1CN01H1QWaQ1Bs32GB17XZ_!!0-1-cib.gif
server: BunnyCDN-SG1-1274
cdn-pullzone: 3585066
cdn-uid: 8a1e3a5b-fc2a-4295-8794-fe818b65c954
cdn-requestcountrycode: NO
access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 302
cdn-cachedat: 04/14/2025 14:37:33
cdn-edgestorageid: 1274
cdn-requestid: 84a288ce6e1fe6ff3e4ce74ebb9ed5f3
cdn-cache: HIT
cdn-status: 302
cdn-requesttime: 0
X-Firefox-Spdy: h2
GET 3dqd.com/js/jrgq.script
200 OK 1.1 kB IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (353), with CRLF line terminators
Hash 95a9f55b6d047e47cbf099d9eb689a4f
f23f37a70d0628123afd7caa6154a1b392b3d395
78601dcbdfa694ab9398f8aa7ce497123dd4f016c1a60c274109a939fbcc5093
GET /js/jrgq.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:07 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1KNQi4io23ZmVpvAdZeBUN%2B5jLuH1M4B32g1odWWXjoRekNdcPbSIJw%2FIikArmk%2FufTY%2BETY1zKJouQf5z2Vv%2Fhx4FXh14OrmnT3u7prYmebe4zETcgp8INYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4950bb8256cb-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1403&min_rtt=415&rtt_var=427&sent=47&recv=22&lost=0&retrans=0&sent_bytes=58815&recv_bytes=2444&delivery_rate=38105263&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
403 Forbidden 5.5 kB IP
File type HTML document, ASCII text, with very long lines (5508), with no line terminators
Hash 057491fcdad7834da6cc7cc565306a33
ec2a5d5c2273c471ce7441dc2ef9a3fd06a701ee
265ee9dd1cffda0ad77c285870209aa41a58e33158489b8306a0f8a660a34a43
GET / HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 15 Apr 2025 12:00:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElTCQt3eBHmc0JdbShCN%2BVG2h7hPkBkymQ8J93uH2ofzdvVlhXq5AzmeEFpTDHyo%2BMPBJqrd99qWzPbZ4PsSKBS6xBIL9rzRFq10vILJSJKWTQKUEqRPfgJ0%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b49100a697127-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="930b49100a697127", cfL4;desc="?proto=TCP&rtt=477&min_rtt=477&rtt_var=238&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=393&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930b49100a697127
200 OK 95 kB URL GET 3dqd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930b49100a697127
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 176c017bc2c873782569b1454f5dc8b1
9249fe689f4086012190e37aecf21fe02c40a988
2b21d005e5982e3ce587643da9235fd0ad9f8e08a4734fd04a05df5f0f1c07a6
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930b49100a697127 HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/?__cf_chl_rt_tk=ynoA3tU.qpz4EgV9foYqUzAC5C54ZVEpQS2Ncy3ODYM-1744718456-1.0.1.1-RF_BQfhrPWPL5rt._TtU8Lpyp44KUFJWW9Ck1rjpJbw
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:00:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOdbjzOSyFxovOcHE0RgSsbg4%2Bmkwvk94UshITMnCVhU47TNXfy9i51zEm512seP%2F%2Fvrk%2BqaboUEOYpd16mfWYxhscfbNgYipLTfINufpkQGJ2%2FmfLWMDiYyIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49112b2c569a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=492&min_rtt=492&rtt_var=246&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=505&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/css/font-awesome.min.css
200 OK 31 kB URL GET 3dqd.com/statics/okav/static/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30763)
Hash 861b93b125da96c853cb9680e0c844d2
078ef3b7983ccef60eeaa80c2591201c8d47d264
8d4a4872dc0faa2ff83bb6664338e63c6f9b52a603e29b1aa764f2866763b7fc
GET /statics/okav/static/css/font-awesome.min.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:14:56 GMT
Vary: Accept-Encoding
ETag: W/"6660f170-78ce"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZeKQ24ZNKye0tLA8U6%2B8w3XVOYvcMQ%2FJXh17rfhIYikGhsp3GwFLnQd7cy2xV9Ki50q4lRTB8LFIBMa1vwJMBum%2BS9kg2hhwnN4gBYsonDSwxy6bEctxOQJTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4949285056a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=426&min_rtt=426&rtt_var=213&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=837&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/injvowq.script
200 OK 7.4 kB URL GET 3dqd.com/js/injvowq.script
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7f846219a117f4e643258e0fbb1ef191
6a31afd5c34893f3d1e03f92b46d504702a831ee
f24c96a55a647f761feff97f4849a7ef1afd056946f015e145e4dcbde4431afe
GET /js/injvowq.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcvWUa5k1iQZrtb96f7C16OlkOVqms19dXGFNW4IycpisBKR6VZ7CjotqVe0SQiK7PSgf1EuuJuOH6Jst0j%2FV74%2BYqRACOXOMUsrI20UMjExqt7HHxC0dnbb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494bdc9456a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=637&min_rtt=426&rtt_var=186&sent=10&recv=12&lost=0&retrans=0&sent_bytes=8732&recv_bytes=1632&delivery_rate=14498122&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/kniew.script
200 OK 3.3 kB IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 35f997f71268d79d1eb7b14fe0fad0eb
0b0adfb955a1c5eadb66d9a74606c9aaee4cea9e
2117f36595f01ca26e86f5b048e99d20d5c2b7b613405155920ea565a3c36ed0
GET /js/kniew.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IryoD10Xg15kuEdZwZtffUeNo79YcLyoTQ7bS31B91wNNc8zLNDdAB3kxHzeHpMcJaDytr%2FQ5rGV%2BsC9Z29bGOasDcSCnItiyAFneuMejh6NERgn2SZ1KJBIVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494cbfd0568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1100&min_rtt=668&rtt_var=232&sent=54&recv=55&lost=0&retrans=0&sent_bytes=59856&recv_bytes=13100&delivery_rate=20909747&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/popper.min.js
200 OK 21 kB URL GET 3dqd.com/statics/okav/static/js/popper.min.js
IP
File type JavaScript source, ASCII text, with very long lines (20800)
Hash 7e58cd01528ac4394af369c152c17bc2
9496922c892ea80e86d868c4509610d61a1f2847
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
GET /statics/okav/static/js/popper.min.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:20 GMT
Vary: Accept-Encoding
ETag: W/"6660f188-51ed"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg%2BevBAHMMo0AtKwZxhfgi5Br3w0Oqsbsd82i4%2BRlV5sOAeghFcQadm6ejrXmL7Z3qMt3xeBwMBGLQM3heV0qj%2FicOCziKSYYwahPd6ggPGEk1ou6kbTli3L7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494cf9fbb517-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1668&min_rtt=476&rtt_var=468&sent=15&recv=17&lost=0&retrans=0&sent_bytes=16286&recv_bytes=1640&delivery_rate=9535967&cwnd=254&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/lazysizes.min.js
200 OK 7.8 kB URL GET 3dqd.com/statics/okav/static/js/lazysizes.min.js
IP
File type JavaScript source, ASCII text, with very long lines (7744), with CRLF line terminators
Hash 40c0bfc764764587555c066d46fe6071
77007109dfd235994e20fc580b553d0749d2e973
498676c34eb225e85357ab0ce19c3c1244f3bd0bf595e5684d1b9d50ea4fbc42
GET /statics/okav/static/js/lazysizes.min.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:02 GMT
Vary: Accept-Encoding
ETag: W/"6660f176-1e5d"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uwcd3fSThTJWZFt2vbun3TU2R8J8QQkw5bPFgZX5C6U0AIU3VrnyG3yER5iwiY85KguneYsrgDD6qJWYXmj7HiNXaznB1ROIKiAzN4zM2NG7lq7KYKewSHiQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494e880eb51b-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=578&min_rtt=493&rtt_var=172&sent=10&recv=10&lost=0&retrans=0&sent_bytes=6400&recv_bytes=2441&delivery_rate=8382054&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/mains.js
200 OK 561 B URL GET 3dqd.com/statics/okav/static/js/mains.js
IP
File type ASCII text, with CRLF line terminators
Hash e718bf05277073543151b9f675b60172
55518f585d58e4da907c14cf87d6142af1f96d90
7ea329dcfc92cf026df0313f41db122069053932e103dd93cfcef274e6cdaeda
GET /statics/okav/static/js/mains.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:10 GMT
ETag: W/"6660f17e-231"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ex40TlzGtu2pHBddC3oQ36K94LlBt1iYm4tMrGabFHtNcHmOEoEc9Kr1cV0lrARJn1GVE96De8KzH9bHUJ8FKAeyXOsHkkMnD2OwRhXpR%2FBF7A8N4QhPS8%2BafQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b494f1c5556c0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=524&min_rtt=414&rtt_var=174&sent=10&recv=10&lost=0&retrans=0&sent_bytes=5340&recv_bytes=2435&delivery_rate=8580740&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET txdy.2016os.com/960x80-2.gif
200 OK 524 kB URL GET txdy.2016os.com/960x80-2.gif
IP
Certificate IssuerLet's Encrypt
Subjecttxdy.2016os.com
FingerprintE7:5F:81:4A:4E:88:2F:A0:68:C2:F7:26:53:28:C3:30:B7:C8:DB:3B
ValidityWed, 05 Feb 2025 22:32:01 GMT - Tue, 06 May 2025 22:32:00 GMT
File type GIF image data, version 89a, 960 x 80
Size 524 kB (523764 bytes)
Hash 8102b307619a90c2245da75bc7445fd9
21ed3095f76e34fe8134cf4575c75b785616c4a7
c2e316430822c76ff6bb32ba2b68876d2d930398f8e3f88cb70578c0b8fe03d7
GET /960x80-2.gif HTTP/1.1
Host: txdy.2016os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 523764
strict-transport-security: max-age=5184000
date: Sun, 23 Mar 2025 07:52:26 GMT
expires: Tue, 22 Apr 2025 07:52:26 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache2.l2cn3130[0,0,304-0,H], cache8.l2cn3130[2,0], kunlun8.cn192[0,0,200-0,H], kunlun9.cn192[1,0]
last-modified: Wed, 12 Feb 2025 08:43:48 GMT
vary: Accept-Encoding
etag: "67ac5f44-7fdf4"
age: 2002122
ali-swift-global-savetime: 1742716346
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 23 Mar 2025 07:52:30 GMT
x-swift-cachetime: 2591996
timing-allow-origin: *
eagleid: 3adad01d17447184684558652e
X-Firefox-Spdy: h2
GET v.xn--xhq326aj6yqpw.com/954f8570089e6b795f1209fad46cce31.gif
200 OK 340 kB URL GET v.xn--xhq326aj6yqpw.com/954f8570089e6b795f1209fad46cce31.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 200 x 200
Size 340 kB (339768 bytes)
Hash 26ed3c2e513a52c63ae8312bddb5d296
3e13342cddc820fa70fa916f6f2158f343a4e683
fff3577df289c5d3c0ba7d20d810955c22296163f7538cb7eb4ea634b8f835a9
GET /954f8570089e6b795f1209fad46cce31.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: image/gif
content-length: 339768
server: cloudflare
accept-ranges: bytes
last-modified: Sat, 08 Jun 2024 13:01:33 GMT
etag: "6664562d-52f38"
expires: Mon, 12 May 2025 07:41:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 274788
cf-ray: 930b49599bcab51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 3dqd.com/img/2/meituxiuxiu3164.gif
200 OK 1.4 MB URL GET 3dqd.com/img/2/meituxiuxiu3164.gif
IP
File type GIF image data, version 89a, 640 x 480
Size 1.4 MB (1409024 bytes)
Hash a46619c763ebb66eb61f8e49b4116fb7
00de600402c1071d0203d8b8d2cfb805d90daec6
9ca88b3e0b8ade8c6eb0e4b1d3a5c5ee7b06c0d114881860c35e0f9d463b7a51
GET /img/2/meituxiuxiu3164.gif HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:10 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Nov 2024 22:16:56 GMT
Vary: Accept-Encoding
ETag: W/"672bead8-158000"
Expires: Thu, 15 May 2025 12:01:19 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7QKLSb1Wifzyha%2FycF9mtaUyDtYgfJaVAc8s9PEO%2BDlyEnElYk1YXaKHpO2MfyuzI908l8pPZciyJkjwn%2FkCi1n4eR7dPQ22F69t7OdZjPCMq2Aq%2BzTjLqPsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49608e18568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1136&min_rtt=565&rtt_var=613&sent=74&recv=63&lost=0&retrans=0&sent_bytes=73806&recv_bytes=16454&delivery_rate=20909747&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET hm.baidu.com/hm.js?057702fc668e08ad1bf48a5e3daa5a06
200 OK 30 kB URL GET hm.baidu.com/hm.js?057702fc668e08ad1bf48a5e3daa5a06
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by https://bofangqi.aaa.vin/mama.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type JavaScript source, ASCII text, with very long lines (617)
Hash 29c6bf59b7d9ecf97255cae374b2c800
81cf667f8ec13a28439ba6941cfb05e4a053caf8
1089ad3810e5ee4ec980f510faf5dc34a12b59693fcbe18e789dae64dfdf65a2
GET /hm.js?057702fc668e08ad1bf48a5e3daa5a06 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bofangqi.aaa.vin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11287
Content-Type: application/javascript
Date: Tue, 15 Apr 2025 12:01:12 GMT
Etag: a9acf5e6caa494819809392a21c424e6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A6D36B6B4BD6BA4F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
403 Forbidden 7.7 kB IP
Certificate IssuerGoogle Trust Services
Subject3dqd.com
Fingerprint47:6E:64:18:4E:21:87:6C:9E:3B:81:9C:AA:42:4D:CD:CD:4C:2E:EF
ValiditySun, 06 Apr 2025 07:05:27 GMT - Sat, 05 Jul 2025 08:02:37 GMT
File type HTML document, ASCII text, with very long lines (7727), with no line terminators
Hash 094fe63fb28d8dffd3db5e9909103cb7
a3a677a3766f6dad5efed1444a9bb7d08087afe1
ef7ade5373c300b86433405514bcada76a0d9a029528513aae52a4fcb5233cb2
GET / HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 15 Apr 2025 12:00:56 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 930b490f1a130b55-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYDcpM5pPX68I1USUUtvwiQ17QZNTPrnHFzRgUOHWgPZaFiYwu%2F9mVB5cM9uKw%2FRau5ToM76rbzcTk0K3kFpmv5LK%2FVoxH3J9T%2FqmA8JC13XQSFc9nGNL57R9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="930b490f1a130b55", cfL4;desc="?proto=TCP&rtt=550&min_rtt=507&rtt_var=128&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3262&recv_bytes=1241&delivery_rate=6995169&cwnd=253&unsent_bytes=0&cid=486221867d3ebff4&ts=52&x=0"
X-Firefox-Spdy: h2
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
200 OK 61 B URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 15 Apr 2025 12:00:57 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 930b4915ef3e56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET 3dqd.com/js/ljbeqrq.script
200 OK 4.6 kB URL GET 3dqd.com/js/ljbeqrq.script
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9e712f39e089f7796a2456a3573db09b
755ff2af66e7b57705e246275696fb55da787c50
5c362a1fca693dbd46cd0985a9f4b17d2bd6b28c006013bb62b868b37ea5813e
GET /js/ljbeqrq.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWRj%2F6rKjFl819nGCWCmECu8jyCyS4SLdDDUnz2aNMLqctP5XsAOzXlSkb6SfzuMzHaobGPV%2F0D3maI9p0jefOVzpJr3zuoZ21htwe6wyH%2FrtsA5E3TLQPEN9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494bbea156c0-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=507&min_rtt=414&rtt_var=185&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1626&delivery_rate=8580740&cwnd=253&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/bootstrap.min.js
200 OK 56 kB URL GET 3dqd.com/statics/okav/static/js/bootstrap.min.js
IP
File type JavaScript source, ASCII text, with very long lines (55494)
Hash 6895e8cd60b62646ce12426015888f58
de908c9ed184d74eb525fa7a30449b67fc3a1c14
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
GET /statics/okav/static/js/bootstrap.min.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:00 GMT
Vary: Accept-Encoding
ETag: W/"6660f174-d9df"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkZAd4tFgOgd1qW0wMPOgKl5jyDbQk2Ji9OhyAJwd32nASfO2wUFFot%2F7AfaUDA4RCXegOThab%2B3UXipVfdLjFhcu1q1IxVJsnnMgmwY5SrNG2cWObuNvjF5WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494e78af56a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=787&min_rtt=426&rtt_var=439&sent=14&recv=14&lost=0&retrans=0&sent_bytes=10948&recv_bytes=2449&delivery_rate=14498122&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/kniew.script
200 OK 3.3 kB IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 35f997f71268d79d1eb7b14fe0fad0eb
0b0adfb955a1c5eadb66d9a74606c9aaee4cea9e
2117f36595f01ca26e86f5b048e99d20d5c2b7b613405155920ea565a3c36ed0
GET /js/kniew.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vCu41XHBuyB8CgYmC%2FuDrx0bWcan%2F2mxluHN6CYy5FGb39M4w0uqPpkKD3FmpjaxeDFZVQDo5SL7GrzSXb4Ysceji7uQ1HoLy1dxSZ8FKB8TFQUBdKX1a9f5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4951781456c0-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=559&min_rtt=414&rtt_var=200&sent=13&recv=12&lost=0&retrans=0&sent_bytes=6568&recv_bytes=3228&delivery_rate=8580740&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET hm.baidu.com/hm.gif?hca=A6D36B6B4BD6BA4F&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=8&et=0&ja=0&ln=en-us&lo=0&rnd=879432354&si=057702fc668e08ad1bf48a5e3daa5a06&su=http%3A%2F%2F3dqd.com%2F&v=1.3.2&lv=1&sn=45703&r=0&ww=0&u=https%3A%2F%2Fbofangqi.aaa.vin%2Fmama.html
200 OK 43 B URL GET hm.baidu.com/hm.gif?hca=A6D36B6B4BD6BA4F&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=8&et=0&ja=0&ln=en-us&lo=0&rnd=879432354&si=057702fc668e08ad1bf48a5e3daa5a06&su=http%3A%2F%2F3dqd.com%2F&v=1.3.2&lv=1&sn=45703&r=0&ww=0&u=https%3A%2F%2Fbofangqi.aaa.vin%2Fmama.html
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by https://bofangqi.aaa.vin/mama.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?hca=A6D36B6B4BD6BA4F&cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=8&et=0&ja=0&ln=en-us&lo=0&rnd=879432354&si=057702fc668e08ad1bf48a5e3daa5a06&su=http%3A%2F%2F3dqd.com%2F&v=1.3.2&lv=1&sn=45703&r=0&ww=0&u=https%3A%2F%2Fbofangqi.aaa.vin%2Fmama.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bofangqi.aaa.vin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 15 Apr 2025 12:01:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4B11F0ECFACC59AC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
POST 3dqd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
200 OK 4.2 kB URL POST 3dqd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
IP
File type ASCII text, with very long lines (4200), with no line terminators
Hash 1a14ef9ade62b195c1cee3750b737113
0224dc8068c4fde9fe30a9cf4aaa130d4e548f71
133872edec3e7dc38bc340372a89b1e351e9a963ede6dfeaf0e69579ceb6451a
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1700021385:1744716463:hXw2LP8nSaYAV1tYbuE5mWl0MFYLd1_0_ZVTQANrT0Y/930b49100a697127/oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3dqd.com/
cf-chl: oPmW.2w43fozOlc8.ODIYi6WWDaWRI.r.QimOEL7yfc-1744718456-1.2.1.1-oIBStiYpedC1cA91nrOHNpsaizzPYJffWlpy8hqoKBV1NF_Pei7MnLivnq_VR9il
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4257
Origin: http://3dqd.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX; HttpOnly; SameSite=Strict; Path=/; Domain=3dqd.com; Expires=Wed, 15 Apr 2026 12:01:04 GMT
cf-chl-out: Q4HVB798L7HNucU5iU8SNb5dQqwD9hyT5w5S44ipWyOkxx7KrgX2xwqpBRkA8DzM66nWkT5COY+rlS+uc4CYdA==$LTyN4oishAQJEBO8STI5qA==
cf-chl-out-s: grh4HWp5aoQkWKQHyuJbhNrIsXWltW6WlncQJUmGk+wPfB4AT7X0tT0fu8mFETkCBHUDgiVJc6uMA0O8gCmBYmR75MLG09xJBf8/BoLQxXVKB5dS1tzH0PK01rTiK6PPKi8NqwbM6pmd4X/yVDWcG+hg8XUQGJZdSxfoyBYBm+k6AenEENnw2PAHqXCisbBvvok2Sta72/sBPgZHBj4k6r+7CLr5I58A1o6nx0+M3XDTdmslcHGLa3vUSJV2RLKpx3aofagEEmn1r8RDs9Ldnez+/jVRZkTrLSluBWzxH0z+F0zkL0DAJKMh6/4KRCuifVhKRvlIqioXLxdyo++K614A5IyW0VrcCRaU1Y//9Oz5lHscvr2or+5QBQnvp3J1LJ0H6FT4QYaBmhZJQzYBWQ==$jePL5dUiwniKHYZLSKH77g==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Guw3ljNIyWx%2FNuicxFRGgM3X4GPj%2FhfgtPrNwrybnQZEBC41qQiA7ZApT%2F7cFs96a3paxA5S%2FHj%2BMjHNZq8Yj5XhIc6ijzIYfJnMSvCeJEIbfjNwbSEwnKauAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4944bc77568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=2176&min_rtt=1917&rtt_var=213&sent=15&recv=20&lost=0&retrans=0&sent_bytes=13243&recv_bytes=7889&delivery_rate=6611872&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/js/jquery-3.3.1.min.js
200 OK 97 kB URL GET 3dqd.com/statics/okav/static/js/jquery-3.3.1.min.js
IP
File type JavaScript source, ASCII text, with very long lines (32077)
Hash 0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /statics/okav/static/js/jquery-3.3.1.min.js HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:10 GMT
Vary: Accept-Encoding
ETag: W/"6660f17e-17b8a"
Expires: Wed, 16 Apr 2025 00:01:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFny2Viln%2BPTLqupqTSNUofH00MPwWj%2FCKL7lcknK0aYWiWP%2F3SXn8ujgfb7viiZaev1Tb%2BBb%2FDD%2F8bAP3v%2F8Ae3cUbksDvZLOUbv30tBA4CS%2FPaZAssfu6wdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494cdcfe56cb-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1559&min_rtt=415&rtt_var=441&sent=17&recv=19&lost=0&retrans=0&sent_bytes=19813&recv_bytes=1652&delivery_rate=11708894&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/fonts/fontawesome-webfont.woff2
200 OK 77 kB URL GET 3dqd.com/statics/okav/static/fonts/fontawesome-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /statics/okav/static/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/statics/okav/static/css/font-awesome.min.css
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:07 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:15:04 GMT
ETag: "6660f178-12d68"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OENcqSY6MeMCzS68%2B%2BEPYGzWYhu2XJI2vp3drUQ3LocNXMR1kbGwhSZ0PChKzVKEL2aVLKsWCi7FSUx1XU9HNCe7qpSE36DJYBzA6pU5oT%2FQJd2YSh0N9hAUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b4951883856c0-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=572&min_rtt=414&rtt_var=175&sent=17&recv=14&lost=0&retrans=0&sent_bytes=8258&recv_bytes=4159&delivery_rate=8580740&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET mlnl.wbqqo.com/gif/e20240908_2200_1.gif
301 Moved Permanently 0 B URL GET mlnl.wbqqo.com/gif/e20240908_2200_1.gif
IP
Certificate IssuerGoogle Trust Services
Subjectwbqqo.com
FingerprintCF:C2:3C:50:66:11:DF:F4:D6:07:BA:CB:6C:3D:AE:B2:EC:38:A5:F4
ValidityWed, 05 Mar 2025 18:23:22 GMT - Tue, 03 Jun 2025 19:22:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gif/e20240908_2200_1.gif HTTP/1.1
Host: mlnl.wbqqo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: text/html
location: https://tul.xn--qrq298gm4o.com/gif/e20240908_2200_1.gif
server: cloudflare
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 930b4957f84856c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1539973405:1744716499:YKlyhftdyHp2uExZkD7tuzfTC4HqPJ1HyESdnC4giXY/930b49151df256ca/kzLva_3gRDbVZWR.TFpD9YbhzSz7SPg4mKOt6GN1jjA-1744718457-1.1.1.1-AX0JKW_H5Ku4ZdCporo6sk3rT0NU4Y2rcAOdQAOSpZp00TAiv40oBC_aMokwkIDA
200 OK 229 kB URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1539973405:1744716499:YKlyhftdyHp2uExZkD7tuzfTC4HqPJ1HyESdnC4giXY/930b49151df256ca/kzLva_3gRDbVZWR.TFpD9YbhzSz7SPg4mKOt6GN1jjA-1744718457-1.1.1.1-AX0JKW_H5Ku4ZdCporo6sk3rT0NU4Y2rcAOdQAOSpZp00TAiv40oBC_aMokwkIDA
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 229 kB (228856 bytes)
Hash 867c1df469a66dcb1518775b41dbebd1
246818b37191da591bc76e824cb00f19eadadc6d
44fb5b38ff27678e7f7eac4afea6c3bf20bea5924e5b1d6e97d7cd70077dcf06
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1539973405:1744716499:YKlyhftdyHp2uExZkD7tuzfTC4HqPJ1HyESdnC4giXY/930b49151df256ca/kzLva_3gRDbVZWR.TFpD9YbhzSz7SPg4mKOt6GN1jjA-1744718457-1.1.1.1-AX0JKW_H5Ku4ZdCporo6sk3rT0NU4Y2rcAOdQAOSpZp00TAiv40oBC_aMokwkIDA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
cf-chl: kzLva_3gRDbVZWR.TFpD9YbhzSz7SPg4mKOt6GN1jjA-1744718457-1.1.1.1-AX0JKW_H5Ku4ZdCporo6sk3rT0NU4Y2rcAOdQAOSpZp00TAiv40oBC_aMokwkIDA
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3746
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 15 Apr 2025 12:00:57 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: /sK053CHDcZqw0nT0WziA8fEmdzLahnOKuXOjG5i6VW/e9UsLqg9b3TzrbISM38OoRIavUW0KFZTV8lDp64iKOV42jTwHjqV8VUiJ0XgMWgwfWyos3i7qS5682MSpJTD9V3n0htsC5tpbD6J0ak/3bOP4YGy3dQdr5wj9KTrdRpKm/QkjKPzbT9dpkfOeMfIT72zNIqXT5mx1oaY/9dcUy+2L+P/b2y+aI44SnOPaKMG3ll1H//T36B8lDD33eSdwc2KXu0t0npNK0drIIr3YVIyNFiI/ip4rWqMpoE/AXFvQkJuu+ThPVD5RLvUSbjAQAXRL2cyAAozWj+PpddWR/i07DDav2dyXv3+qOHvqJvVqp7xWG1De4qrSUgtw6ezrvxQN7L/aNjfT2Vqn2cHbPfJhoQ+0jUrbvZMFynSGXYFS0Vn9cndvn33eCpn40Gc9KHTUO7sw0A+0Mames/axTdu+MY0/PeywFssYvRbdD6EXGP7hhMEedwEh3D8Ul1+RReckaFTvd2dtgrOVVNAA1izW95Fdqve2O0yfNDofZNvesMtfxDEYFKHDQjcNEVgkE1piO7+VGvKT8HTTxjWKCMW7W5hq2uLJ6HdwK3B2tFPR/x139UCX4jPoY4IJ4W3mbpSC7w+HHL5mO/02LIFdFOLjyTLoP25nQk1562bJ41dqZeReff+J1JFvWlu1BAt4Ygv7Uh1d0z5SA12ndif3OIpu28M9mhV/eQ0m4qQ05/iAIfyO+JsBCDEsd6uYZTQ9aqvQykfx/+IeBgmz3Jt8g==$W7CWhID0twkH6ciA7gngJA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 930b49193bf056ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET seyoutupian.dqntwl.com/150x150-d.gif
200 OK 90 kB URL GET seyoutupian.dqntwl.com/150x150-d.gif
IP
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate IssuerTrustAsia Technologies, Inc.
Subjectseyoutupian.dqntwl.com
Fingerprint7A:F2:37:B4:6E:3A:C4:DC:54:0F:0E:73:13:92:E8:DF:8D:9B:97:44
ValidityMon, 24 Feb 2025 00:00:00 GMT - Sat, 24 May 2025 23:59:59 GMT
File type GIF image data, version 89a, 150 x 150
Hash c0199e916abf6b98406503986883300b
2ccce0e0db9f791e5d1803d514e4750051ba2628
11674350c066d52b9cbf6f351a04ee36660e582774d8a1559b7be6af7879aa2d
GET /150x150-d.gif HTTP/1.1
Host: seyoutupian.dqntwl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 89831
strict-transport-security: max-age=5184000
date: Mon, 31 Mar 2025 23:51:43 GMT
last-modified: Wed, 12 Feb 2025 08:41:12 GMT
vary: Accept-Encoding
etag: "67ac5ea8-15ee7"
expires: Wed, 30 Apr 2025 23:51:43 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache25.l2cn3147[0,0,200-0,H], cache12.l2cn3147[1,0], kunlun4.cn7140[0,0,200-0,H], kunlun20.cn7140[8,0]
age: 1253365
ali-swift-global-savetime: 1743465104
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 14 Apr 2025 17:08:32 GMT
x-swift-cachetime: 1406592
timing-allow-origin: *
eagleid: 6f035b2817447184698558149e
X-Firefox-Spdy: h2
GET tul.xn--qrq298gm4o.com/gif/e20240908_2200_1.gif
0 B URL GET tul.xn--qrq298gm4o.com/gif/e20240908_2200_1.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /gif/e20240908_2200_1.gif HTTP/1.1
Host: tul.xn--qrq298gm4o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3dqd.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 3dqd.com/favicon.ico
200 OK 17 kB IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash c0720d1d5aeb7405a36748612ce8ba2b
978ee607f020807e528fe2dffbde3893430d50ab
9f8347cea0006dcc4008412ff15917e7394ea2b317dbaac68caf9b9c3ac25660
GET /favicon.ico HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:12 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2024 10:03:05 GMT
ETag: W/"67289bd9-423e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Xru6618uYDfjCrq1UrB9NUVPkTvBeo6DYKbck%2BrlvbNL6Q7nDVSYXns%2FR6uAdf9Zyjrw6MtwbHY7aHah3cofY0cwDXUIcbEdEGM5KN5faVSqiOfApJfHSurrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930b4970b93756cb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=2661&min_rtt=415&rtt_var=803&sent=1143&recv=874&lost=0&retrans=0&sent_bytes=1597550&recv_bytes=4913&delivery_rate=103428571&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930b49151df256ca&lang=auto
200 OK 118 kB URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930b49151df256ca&lang=auto
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (118369 bytes)
Hash d1669cab5cf9f62c46113655ce00e892
cf762ba0a8b028d10df17c73385dc89b6bb990d2
f3bc5115619a7b182fe528f97853d5f5a1e49afb52673c817aa2f90410d59fb7
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930b49151df256ca&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/3m3b8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 15 Apr 2025 12:00:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 930b49164fd456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET hhapk777.getehu.com/3391/1372/1372-150x150.gif
200 OK 152 kB URL GET hhapk777.getehu.com/3391/1372/1372-150x150.gif
IP
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate IssuerLet's Encrypt
Subjecthhapk777.getehu.com
FingerprintD7:25:02:89:AB:0D:42:B4:BA:ED:AE:71:62:1C:14:A7:1E:46:64:D4
ValidityMon, 24 Feb 2025 09:20:42 GMT - Sun, 25 May 2025 09:20:41 GMT
File type GIF image data, version 89a, 150 x 150
Size 152 kB (152416 bytes)
Hash fd5fd8333d1bb74f320f917d5d276d02
86d777015e72e04624e8e8d4c6ff098a302c38ea
58ce4b25c3fb5b4dd2c5da7853ac66692d8b2d49aa96ec3e0d9375c192da5959
GET /3391/1372/1372-150x150.gif HTTP/1.1
Host: hhapk777.getehu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 152416
strict-transport-security: max-age=5184000
date: Thu, 10 Apr 2025 01:03:30 GMT
expires: Sat, 10 May 2025 01:03:30 GMT
cache-control: max-age=2592000
last-modified: Thu, 13 Mar 2025 08:30:46 GMT
vary: Accept-Encoding
etag: "67d297b6-25360"
accept-ranges: bytes
via: cache35.l2cn7492[0,0,200-0,H], cache40.l2cn7492[1,0], kunlun14.cn7140[0,0,200-0,H], kunlun10.cn7140[2,0]
age: 471458
ali-swift-global-savetime: 1744247010
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 14 Apr 2025 18:43:28 GMT
x-swift-cachetime: 2182802
timing-allow-origin: *
eagleid: 6f035b1e17447184685933373e
X-Firefox-Spdy: h2
GET cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif
200 OK 273 kB URL GET cbu01.alicdn.com/img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif
IP
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type GIF image data, version 89a, 980 x 80
Size 273 kB (273082 bytes)
Hash e177d0a4d35da475cd7719317ff6b8f9
bfd3b08a0bba91c7b03e7f67f1c2ce6c3c4f30c3
291cdacbef5e7ea7ad0a0455bcac9c825fd0e27f50a05e0d37ad906c111e7a70
GET /img/ibank/O1CN016r5T9B1Bs332MacCU_!!0-1-cib.gif HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3dqd.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 273082
date: Sun, 13 Apr 2025 01:58:19 GMT
last-modified: Sat, 12 Apr 2025 11:47:07 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.031
traceid: a3b5fdad17445094993892372e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: gif2
cache-control: max-age=31536000
via: cache34.l2fr1[270,270,200-0,M], cache19.l2fr1[271,0], ens-cache37.fr6[0,0,200-0,H], ens-cache26.fr6[1,0]
access-control-allow-origin: *
age: 208970
ali-swift-global-savetime: 1744509499
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 13 Apr 2025 01:58:19 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: a3b5fdae17447184696111533e
X-Firefox-Spdy: h2
GET 3dqd.com/statics/okav/static/css/stylesheet.css
200 OK 32 kB URL GET 3dqd.com/statics/okav/static/css/stylesheet.css
IP
File type ASCII text, with very long lines (1572)
Hash 36fae3f6a4906f73b5996c2fb00714b4
f5bc35a4b6544a88300ec9f37cd1ae2502a5a270
893ab2c5a94976be8e918e6d1cf97668824339a36855ce2edc93076a00921f08
GET /statics/okav/static/css/stylesheet.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:10:18 GMT
Vary: Accept-Encoding
ETag: W/"6660f05a-7c61"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAK41fFqPgysPHBVRPv6sH%2BRfvbh5WXg6oXG6ErI22tjgzEvOJxwY5uG2O21AYry8U7GgsAeVX6f6uo8j404qS9ngzqGr2mB4s%2Bb6r2Ct%2FPBAkcx5QjEgOwxDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49492a3a56c0-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=414&min_rtt=414&rtt_var=207&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=831&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/pj2w66lpovygsylp.script
200 OK 4.9 kB URL GET 3dqd.com/js/pj2w66lpovygsylp.script
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9123ceb36fbcafbb9f6d9f0807650022
1a3add4cc8295e6959db5d1d18383cf4f6e588a2
0f30c0e6ad3510ede54267315f21ea222d1e168e75c523000a8a969e69fa9e63
GET /js/pj2w66lpovygsylp.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYPz0puN9t5RrkFt63dcuWv4pM22i4lKgohvmw3ex7r5YA31Tb7scjzp3wJrwgAlYhd6xbiQZVKUCul7I3N3OmEKxU0rec99RNzKKoBinhaseDAwJNeL2Sjfjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b494f5b24568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1352&min_rtt=668&rtt_var=679&sent=58&recv=57&lost=0&retrans=0&sent_bytes=61543&recv_bytes=13904&delivery_rate=20909747&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET txdy.2016os.com/150x150-l-1.gif
200 OK 58 kB URL GET txdy.2016os.com/150x150-l-1.gif
IP
Certificate IssuerLet's Encrypt
Subjecttxdy.2016os.com
FingerprintE7:5F:81:4A:4E:88:2F:A0:68:C2:F7:26:53:28:C3:30:B7:C8:DB:3B
ValidityWed, 05 Feb 2025 22:32:01 GMT - Tue, 06 May 2025 22:32:00 GMT
File type GIF image data, version 89a, 150 x 150
Hash a92335255c35fe8948d6ca51b54269d0
536d5bc9643cb677af83cd2c9871af00d17f0811
ff742838029a27282f853e0a8401baff41b8738f199a00f4408411358b340c51
GET /150x150-l-1.gif HTTP/1.1
Host: txdy.2016os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 58278
strict-transport-security: max-age=5184000
date: Sun, 23 Mar 2025 07:52:21 GMT
expires: Tue, 22 Apr 2025 07:52:21 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: ens-cache11.l2cn7656[0,0,304-0,H], ens-cache23.l2cn7656[1,0], kunlun4.cn192[0,0,200-0,H], kunlun9.cn192[1,0]
last-modified: Tue, 11 Mar 2025 07:19:59 GMT
vary: Accept-Encoding
etag: "67cfe41f-e3a6"
age: 2002127
ali-swift-global-savetime: 1742716341
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 23 Mar 2025 07:52:30 GMT
x-swift-cachetime: 2591991
timing-allow-origin: *
eagleid: 3adad01d17447184682978234e
X-Firefox-Spdy: h2
GET bofangqi.aaa.vin/mama.html
200 OK 272 B URL GET bofangqi.aaa.vin/mama.html
IP
Certificate IssuerLet's Encrypt
Subjectbofangqi.aaa.vin
Fingerprint32:D8:6C:28:30:50:42:E5:6B:68:4E:83:47:0C:5E:0A:51:32:4E:29
ValiditySat, 05 Apr 2025 16:27:19 GMT - Fri, 04 Jul 2025 16:27:18 GMT
File type JavaScript source, ASCII text
Hash c7aab1c1531a0ebf40790e45c031e518
7bf17d45f28f7623a6826d5e33809c031b9938bd
bb42bd1aaf64a0de66e29d3e5f50b4ce57f89fc6ce637dac17689fde6e06abe0
GET /mama.html HTTP/1.1
Host: bofangqi.aaa.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 15 Apr 2025 12:01:10 GMT
content-type: text/html
content-length: 272
last-modified: Sun, 23 Mar 2025 17:32:18 GMT
etag: "67e045a2-110"
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 3dqd.com/statics/okav/static/css/style.css
200 OK 74 kB URL GET 3dqd.com/statics/okav/static/css/style.css
IP
Hash 59d239eca40bbc5f296656c4734fe1d3
463d2da641f70bb934db9634b70058fcaa0e5dcd
87bb3789ca571ac48037945972283767157fa218a85b408a98a95fd25dfae0dd
GET /statics/okav/static/css/style.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Nov 2024 10:00:08 GMT
Vary: Accept-Encoding
ETag: W/"67289b28-12192"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yy3Go1t0k1tEfU4rowehtjDreZedL69OHJ2Q4eCNj8ljFd3T91cyQjz8Sb6EsBGC6cdSeUu%2Br5xblqd0eMauwdXmcxnIIuinTPl39RyiJvX7WZMbfpQSnLNNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49492c1bb517-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=476&min_rtt=476&rtt_var=238&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=826&delivery_rate=0&cwnd=246&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/statics/okav/static/css/icofont.min.css
200 OK 92 kB URL GET 3dqd.com/statics/okav/static/css/icofont.min.css
IP
File type ASCII text, with very long lines (65364)
Hash ff8bd83d3c2deab4428952808513f4d9
3e614645dbfea9dbf6a05c668e28d3181485ac8e
882f43879ac20dff7edf501cc5a48b2ae4ff78d88136399e18bad1ecf9b7dc39
GET /statics/okav/static/css/icofont.min.css HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 Jun 2024 23:14:56 GMT
Vary: Accept-Encoding
ETag: W/"6660f170-16836"
Expires: Wed, 16 Apr 2025 00:01:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2Bg1510PW6gkzws7CKN49V9o9xc%2F5m0pu6DmYRAcCS9IeXdTIvZd%2BPhA0x%2FIHm%2BiUBtiiQBYPlWkKAOBq5%2BjAbARdA0UeuAT28TeSpAkBIrSKW1BOiwy%2Bk4p2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49492f0656cb-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=415&min_rtt=415&rtt_var=207&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=832&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET v.xn--xhq326aj6yqpw.com/e20241129_2019_1.gif
200 OK 648 kB URL GET v.xn--xhq326aj6yqpw.com/e20241129_2019_1.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 150 x 150
Size 648 kB (647646 bytes)
Hash 1091446700f1a5807aed458c170944d4
498ecb52ea0d25d2a6cd2a9193ff0b69cc12d899
1a0dfbd5b7d89139be566eff84197fc0acf5eefdb0a453a200781fb08255af8a
GET /e20241129_2019_1.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: image/gif
content-length: 647646
server: cloudflare
accept-ranges: bytes
last-modified: Fri, 29 Nov 2024 12:23:10 GMT
etag: "6749b22e-9e1de"
expires: Mon, 12 May 2025 05:57:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 281032
cf-ray: 930b495a3cc0b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET v.xn--xhq326aj6yqpw.com/e20241129_2019_2.gif
200 OK 15 kB URL GET v.xn--xhq326aj6yqpw.com/e20241129_2019_2.gif
IP
Certificate IssuerLet's Encrypt
Subjectxn--xhq326aj6yqpw.com
Fingerprint6B:20:84:49:E3:1D:75:3A:0C:9D:62:F5:43:07:B9:14:13:24:2F:71
ValidityWed, 02 Apr 2025 14:07:52 GMT - Tue, 01 Jul 2025 14:07:51 GMT
File type GIF image data, version 89a, 150 x 150
Hash 086c1650f5b972cb99c1750ba2ac6e77
5e051d1788e20f85254bf2987a9610df666c9217
095719a35da73c9978dd5c960592c56f04bfa3f14d160d22f9b5e116ee3c098e
GET /e20241129_2019_2.gif HTTP/1.1
Host: v.xn--xhq326aj6yqpw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 15 Apr 2025 12:01:08 GMT
content-type: image/gif
content-length: 15187
server: cloudflare
accept-ranges: bytes
last-modified: Fri, 29 Nov 2024 12:23:13 GMT
etag: "6749b231-3b53"
expires: Wed, 30 Apr 2025 02:06:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1331705
cf-ray: 930b495a1c92b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 3dqd.com/js/kniew.script
200 OK 3.3 kB IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 35f997f71268d79d1eb7b14fe0fad0eb
0b0adfb955a1c5eadb66d9a74606c9aaee4cea9e
2117f36595f01ca26e86f5b048e99d20d5c2b7b613405155920ea565a3c36ed0
GET /js/kniew.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVA90CdvUo0EQ75o11TUPJIQTk0V6HT9vFtPa2jlCA0tuIp2tjSJ%2F7%2BuC3PNrxqg4JEH1LHg3mz1p6vhtKtkHFg7YkbABkcZbH7S8MBwuNTR%2F3O1Bt3Yz6Xm5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b4951eed2568f-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1277&min_rtt=663&rtt_var=661&sent=62&recv=59&lost=0&retrans=0&sent_bytes=63385&recv_bytes=14697&delivery_rate=20909747&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET 3dqd.com/js/kniew.script
200 OK 3.3 kB IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 35f997f71268d79d1eb7b14fe0fad0eb
0b0adfb955a1c5eadb66d9a74606c9aaee4cea9e
2117f36595f01ca26e86f5b048e99d20d5c2b7b613405155920ea565a3c36ed0
GET /js/kniew.script HTTP/1.1
Host: 3dqd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3dqd.com/
Cookie: cf_clearance=VDhYj.bFPsPESQC1WVyG07F9e.lwrCObdbW9UkWoa2E-1744718464-1.2.1.1-V_yD42oCLflKIuTqqlQSPrjwISDo7yBzI4uev084YJpaJS6gBhI5_dH1daz61URaB1sgsO5.1fQHh.Y7UCHDjWp8bCo4.TIhapVYd.aU9khiP.oF01qx5T_7pSGTfZ39lnbksfbOtpquebwAxkSKvXcUZx1fuSoO4LtbiN7djkYvIEVKKlPBcVyo7LHeWpT8pb7LjTtM4zsPAIbD3Sf.Vf0Br1AL.O46XenSMus0bM9j_4fmEEo7P_UTkrpEvmzMQHTPT2ySAbY0SoZPmzm2tHQqM_A8ZhxUwKClvxziGMYM7QC0r8DtIkfOKpOvfVVtifSpUQzkBKqMegxkx9.vQ293fZzlyUwUpZR4XSsDVOptwdDoQeGVryG_tjlB0HDX
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 12:01:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Last-Modified: Tue, 15 Apr 2025 12:01:06 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7i0JngfGHgCjfVFYAHJKZ6AzUBgrPP%2Fhon7vtQDGQ2NFrnKBEcvZEFHZHc8TycQYpUhgudqozh%2BCZd2yal19K%2FZRgjN1wg82FgYVwLNhFsvRxlBIGmG%2FRRfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930b49526f5b56a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=795&min_rtt=426&rtt_var=346&sent=29&recv=16&lost=0&retrans=0&sent_bytes=28959&recv_bytes=3242&delivery_rate=23654609&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
172.67.142.146
163.181.253.193
122.226.64.113
104.233.192.163
138.199.46.65
0.0.0.0