cms.pqscrmdev.com Open in urlscan Pro
52.59.38.143  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cms.pqscrmdev.com/	36 KB 37 KB	549ms 237ms	Document text/html	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 368774aa8f7b2f6d4575820890d714c3dcafbacc0935f56ca8efdd282be82a0b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS access-control-allow-origin * access-control-max-age 86400 content-language zh-CN content-type text/html;charset=UTF-8 date Sun, 10 Dec 2023 12:57:27 GMT
GET H2	200	backstage.css cms.pqscrmdev.com/res/css/	4 KB 4 KB	290ms 289ms	Stylesheet text/css	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/css/backstage.css Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 264100d515b39ff0a94af9e7141464cc690a7857a15e468297ebc5b48e153fc2 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type text/css access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 4071
GET H2	200	nc.css g.alicdn.com/sd/ncpc/	13 KB 4 KB	688ms 98ms	Stylesheet text/css	2404:2280:1b2:0:3::b TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://g.alicdn.com/sd/ncpc/nc.css?t=1507600041946 Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2404:2280:1b2:0:3::b , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 048608e8a0f96b8c02d49dc8b96579cb42ccc0027747cccf774fb3c8fc5de3ab Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:47:01 GMT content-encoding gzip via cache16.l2us1[82,40,200-0,C], cache15.l2us1[40,0], cache15.l2us1[41,0], ens-cache16.us19[0,0,200-0,H], ens-cache3.us19[2,0] x-oss-request-id 6575B345BC153D459A4BC662 content-md5 W6ueR/1LD7hdBy9TKg9Iaw== age 627 x-swift-cachetime 3600 x-cache HIT TCP_MEM_HIT dirn:12:101270483 x-swift-savetime Sun, 10 Dec 2023 12:47:01 GMT content-length 3099 x-bucket-code 4 x-oss-object-type Normal server Tengine vary Accept-Encoding ali-swift-global-savetime 1702212421 content-type text/css access-control-allow-origin * cache-control max-age=3600,s-maxage=3600 x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 5636844986190581733 eagleid 082d349717022130480468185e x-oss-server-time 1
GET H2	200	nc.js Show response g.alicdn.com/sd/ncpc/	216 KB 56 KB	784ms 194ms	Script application/javascript	2404:2280:1b2:0:3::b TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://g.alicdn.com/sd/ncpc/nc.js?t=1507600041946 Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2404:2280:1b2:0:3::b , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:35:11 GMT content-encoding gzip via cache24.l2us1[85,85,200-0,M], cache25.l2us1[86,0], cache25.l2us1[86,0], ens-cache15.us19[0,0,200-0,H], ens-cache3.us19[2,0] x-oss-request-id 6575B07FC604057D8640B8D1 content-md5 EZmEYdPXfd6efvcqZeCEKQ== age 1337 x-swift-cachetime 3600 x-cache HIT TCP_MEM_HIT dirn:12:519586662 x-swift-savetime Sun, 10 Dec 2023 12:35:11 GMT content-length 57378 x-bucket-code 4 x-oss-object-type Normal server Tengine vary Accept-Encoding ali-swift-global-savetime 1702211711 content-type application/javascript access-control-allow-origin * cache-control max-age=3600,s-maxage=3600 x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 1561788439659902122 eagleid 082d349717022130480468187e x-oss-server-time 1
GET H2	200	jquery-1.10.2.min.js Show response cms.pqscrmdev.com/res/js/	91 KB 91 KB	154ms 152ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/jquery-1.10.2.min.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 93064
GET H2	200	gt.js Show response cms.pqscrmdev.com/res/js/	9 KB 9 KB	268ms 267ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/gt.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash b841851d4ee0505c21b145d7b2f44285d96945189d098399255c5b8c24bf2314 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 8922
GET H2	200	login.js Show response cms.pqscrmdev.com/res/js/	918 B 1 KB	268ms 267ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/login.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 9a7c25c6616bd0914a795cbf272c19e5368096099beafacfca210ee881f89773 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 918
GET H2	200	cookie.js Show response cms.pqscrmdev.com/res/js/	1 KB 2 KB	154ms 153ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/cookie.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash f7fb14839c0c69a278dc9386ed12797c93f4371980c17e2f58f09c516d7a424b Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 1524
GET H2	200	public.js Show response cms.pqscrmdev.com/res/js/	214 B 643 B	155ms 154ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/public.js?version=201801291648 Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash d668c4526d98b0eccfb087f36e66ade84f25012297d420092c7a880ddeb92101 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 214
GET H2	200	jwfp.js Show response cms.pqscrmdev.com/res/js/	62 KB 62 KB	268ms 267ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/js/jwfp.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash cce2fbbae9b262fbb0a357c4710e0113d32a209330ba80fb354b06aea0d11b95 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 63333
GET H2	200	layer.js Show response cms.pqscrmdev.com/res/h_ui_admin/lib/layer/2.4/	19 KB 20 KB	267ms 266ms	Script application/javascript	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/h_ui_admin/lib/layer/2.4/layer.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 01c1dac4350f12ee1499491a4f59008e04f17e414c2e15a16690f3b3fe0b1f55 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:27 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 19843
GET DATA	200 OK	truncated /	34 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	backstage-bg.jpg cms.pqscrmdev.com/res/images/	51 KB 51 KB	140ms 138ms	Image image/jpeg	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.pqscrmdev.com/res/images/backstage-bg.jpg Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/css/backstage.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 2f6a95f5926d2f50352ac56afeec409dce647807415613d1ec84bef9e70de1a0 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/res/css/backstage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:28 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type image/jpeg access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 51993
GET H2	200	backstage-login-bg.jpg cms.pqscrmdev.com/res/images/	23 KB 24 KB	137ms 136ms	Image image/jpeg	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.pqscrmdev.com/res/images/backstage-login-bg.jpg Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/css/backstage.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 198956fc4dfbc15c40bbf16b2a87582ae272edf2cb776c79726359a8d83a9c87 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/res/css/backstage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:28 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type image/jpeg access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 24035
GET H2	200	t1.jpg cms.pqscrmdev.com/res/images/	1 KB 2 KB	138ms 137ms	Image image/jpeg	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.pqscrmdev.com/res/images/t1.jpg Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/css/backstage.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash c48789c24e0ae288b574acb83abdd1ccee8aa3694b49b83b466b8e1605cb2fa1 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/res/css/backstage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:28 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type image/jpeg access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 1446
GET H2	200	t2.jpg cms.pqscrmdev.com/res/images/	1 KB 2 KB	136ms 135ms	Image image/jpeg	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.pqscrmdev.com/res/images/t2.jpg Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/css/backstage.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 05b652bdeb0ab76dceec30c1d40dd96fe6f94301e622eec57aa5478402e40b3f Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/res/css/backstage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:28 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type image/jpeg access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 1464
GET H2	200	layer.css cms.pqscrmdev.com/res/h_ui_admin/lib/layer/2.4/skin/	14 KB 14 KB	140ms 139ms	Stylesheet text/css	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/res/h_ui_admin/lib/layer/2.4/skin/layer.css Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/h_ui_admin/lib/layer/2.4/layer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 3206c692389a394b7fdbfad7a5dd87d1f23e216fec16cbaa9495a25ffe2a3a52 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 12:57:28 GMT last-modified Fri, 08 Dec 2023 10:58:59 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type text/css access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 14042
POST H2	200	tartCaptcha.html Show response cms.pqscrmdev.com/	112 B 465 B	452ms 452ms	XHR text/html	52.59.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cms.pqscrmdev.com/tartCaptcha.html?t=1702213048293 Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/js/jquery-1.10.2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.59.38.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-38-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 15578e4a12f2570c326bb24aad66d3d87e094555c65c825e2131770a2e8478c6 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://cms.pqscrmdev.com/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 CSRFToken null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma No-cache date Sun, 10 Dec 2023 12:57:28 GMT access-control-max-age 86400 access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS content-type text/html;charset=UTF-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true access-control-allow-headers csrftoken,Content-Type,Content-Length, Authorization, Accept,X-Requested-With,exchange-token,exchange-language,exchange-client content-length 112 expires 0
GET H/1.1	200 OK	initialize.jsonp Show response cf.aliyun.com/nocaptcha/	94 B 276 B	1653ms 251ms	Script text/javascript	59.82.133.163 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://cf.aliyun.com/nocaptcha/initialize.jsonp?a=undefined&t=%3A1702213048296%3A0.5338315281267623&scene=nc_login&lang=cn&v=v1.2.21&href=https%3A%2F%2Fcms.pqscrmdev.com%2F&comm={}&callback=initializeJsonp_09803532876629386 Requested by Host: g.alicdn.com URL: https://g.alicdn.com/sd/ncpc/nc.js?t=1507600041946 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 59.82.133.163 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Tengine / Resource Hash c1a67c42fe71ce6dc19e5b44af4a4a47ac891d0ac7eef92b200705a30910b947 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type text/javascript;charset=UTF-8 Date Sun, 10 Dec 2023 12:57:29 GMT Server Tengine Connection close Content-Length 94 Content-Language zh-CN
GET H2	200	fsp.1.1 gm.mmstat.com/	43 B 293 B	2282ms 232ms	Image image/gif	2401:b180:7003::2e ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://gm.mmstat.com/fsp.1.1?code=13&msg=init%20monitor%3B&pid=sufeiPunish&page=https%3A%2F%2Fcms.pqscrmdev.com%2F&query=&hash=&referrer=&title=%E4%BA%A4%E6%98%93%E6%89%80%E5%90%8E%E5%8F%B0%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%E7%99%BB%E5%BD%95&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&c1=%3A1702213048296%3A0.5338315281267623&c2=undefined Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sun, 10 Dec 2023 12:57:30 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	gettype.php Show response api.geetest.com/	465 B 766 B	552ms 311ms	Script text/javascript	43.159.107.100 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://api.geetest.com/gettype.php?gt=22b57af8f67c78af7661525fdb617d47&callback=geetest_1702213054463 Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/js/gt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash 7600e17257af9ccd8e33a26286cc8a3e35f298d261d3d1c343b91e1ecb3e6518 Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sun, 10 Dec 2023 12:57:29 GMT server openresty eo-cache-status MISS etag "ec35e7fd0a52334cfb9d5f43281eb1a6accb57b0" content-type text/javascript;charset=UTF-8 cache-control must-revalidate, no-cache, no-store eo-log-uuid 10975399849060433269 content-length 465 expires 0
GET H2	200	fullpage.9.1.9-r8k4eq.js Show response static.geetest.com/static/js/	300 KB 83 KB	229ms 39ms	Script application/javascript	2600:9000:20ed:3200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/res/js/gt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ed:3200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AliyunOSS / Resource Hash 6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 15:05:57 GMT content-encoding gzip via 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront) x-oss-request-id 65708DD576F8EB373725D4CF content-md5 PWbbqFinQnOBGZtLqvoFUw== x-amz-cf-pop PHL50-C1 age 337892 x-cache Hit from cloudfront x-oss-object-type Normal last-modified Wed, 06 Dec 2023 15:05:53 GMT server AliyunOSS vary Accept-Encoding, Origin content-type application/javascript x-oss-storage-class Standard x-oss-hash-crc64ecma 13731706247548626129 x-amz-cf-id yQCwTu8KDrxrDt_PVZTTFm1PzQV-pslmTvHjbZM2DxMKffEDLKI0Vg== x-oss-server-time 1
GET H2	200	get.php Show response api.geetest.com/	1 KB 1 KB	302ms 301ms	Script text/javascript	43.159.107.100 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://api.geetest.com/get.php?gt=22b57af8f67c78af7661525fdb617d47&challenge=7158490f612e2464eef97da006eb00f0&lang=zh-cn&pt=0&client_type=web&w=85TjRhvFiyYoe77oThAzaTg7xwaylTnb3yCKOdWHlJRJXrdA)s29(iUG)znlDaorU)02SJzbASBc(rn958Os7cnaDsPj)FzDxtYqUPvYJM)OatkN00oevTbWZ6U1tc(qTzN4CNOe0JgQzyeGy(yah8VAyO)6xT0qw8Of6zQlHpgPLv37oZ5sWXditclecegY875VezNCaLY3rVyb)rAuaK8oi2COkQET78AXoYxFAyyW1kk2xjcp2(WuHEyT0w9TPMb)AxqHFjU13DLb2zKX1m4zMRbyL8sqI4XHq(PdsLwr6YapHqY0CsXpmUiFVkQ7aZ5Zk0CdA5usVjQmZeDrykrV(yzHUnPW8hOEeQ2)CLav8tiNtn81Iw0QLnoBP3ioc5LMh(SZuaorvMCv3SvKbPmeLhUtKzmxpT(qZarhAmJlOrZ8rnsC1asRzJPtp46jTzwL2QRJgVPUb6Q5xcYxisJjhOIdm9jaaSf5USXepuhP0Sq0mELLakOqwVe0X7atgkFcZdkwkp5ufXoCiGPIxpEfqtXHTzNCfLlDSxZY7aUTd23ZrmWDAwP0R4OOgB8Q(3jqGRySQlJCVdEkUrax50wdlRSw2(iDGNEFMbsFlMbosychoShTbYXzMwfRQ(CBHgaNgq9N3(Q5KpDeZd4btTvGPB)5WkIcc2YRtkTJQtnD8IJYIdS2SkPIg8sMMCaFPoNEtbef9ft(mCOTS15u36wK5Y5TOV6igaMFRuwtcfMU)DnzDw8H8htvSWv1uVcx536fxj1rAWNSW5S1IocLCoFUcm6cwP3Xp5kgOIPdPIU0B9oEPHWhlcODZHOLdjBaTP(XFu2n05CVB(SBWMfl22AUtO7dDek0N4(PC)iYr8EoEkNnqB2uifhe6nF5D)cm5Pdj28W3gBlNFTqDfXjICEGL4fm6D7HlSwZ90S3E7f6RA5WQu3yOn(8Zl8n(QhncFzvPQXgOsvkYlX4gsN5gXUibxJU5zU6o)yvi0UbdIyjP71u10AkDybGpaWnnFyz)bGofI2YHZLzt7n0PJirvtPAPpujuKGpZ9x1m(bNdNzsicf4Ic9WhAgDPP74PCBzXYLQDQn541gF0qlBu17H5A1tRxJJthOEA(Zvs9epC5MbooBdHep8zBTTcgMBZsY4l6vqlVBLrM4byCELNawqb3w..b81375baa879790876063971b9e8764173118164c07046f8c9b9b20267c3ee003a70de04abcbcf67c1cf060be097f17a76c6e0b6a0c95e774f89c02b527f5a2b2d5530f9da094c3a9d638506ae060ac40334c58ba214d5423b37f871e43b4edbe9eb884fc340ad69dcb64a822c70dfd0de681e2611b0a118057cef8847088860&callback=geetest_1702213058622 Requested by Host: static.geetest.com URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash 08874edca58d05099c14ad51372f0306e7654b5055ae6f81c80a1037e54f73cd Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sun, 10 Dec 2023 12:57:29 GMT server openresty eo-cache-status MISS etag "ada896275ae38b51bc25fde58fe3600da9331566" content-type text/javascript;charset=UTF-8 cache-control must-revalidate, no-cache, no-store eo-log-uuid 11208047460261307077 content-length 1271 expires 0
GET H2	200	style_https.1.5.8.css static.geetest.com/static/wind/	40 KB 5 KB	36ms 35ms	Stylesheet text/css	2600:9000:20ed:3200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.geetest.com/static/wind/style_https.1.5.8.css Requested by Host: static.geetest.com URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ed:3200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 07:33:16 GMT content-encoding gzip via 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront) last-modified Mon, 07 Mar 2022 03:04:56 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 age 19454 etag W/"3fb6aacfd5ae2d3894f2f00b0d5f3236" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css x-amz-cf-id HModOvcuuN0hlZTresx3-P0FIdia3numAZOyXXL6v0oom7L4QKKTQQ== x-amz-meta-mtime 1585034197
GET H2	200	sprite.1.5.8.png static.geetest.com/static/wind/	3 KB 4 KB	37ms 36ms	Image image/png	2600:9000:20ed:3200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.geetest.com/static/wind/sprite.1.5.8.png Requested by Host: static.geetest.com URL: https://static.geetest.com/static/wind/style_https.1.5.8.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ed:3200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93 Request headers accept-language en-US,en;q=0.9 Referer https://static.geetest.com/static/wind/style_https.1.5.8.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 08:26:34 GMT via 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront) last-modified Mon, 07 Mar 2022 03:04:49 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 age 16257 etag "b83c4eaebfa43a5d1c71d8fa4ccc6539" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 3429 x-amz-cf-id 2Pn7A00XMw6q67troQAT_2AMwNM1nJTOVyzCSei8mPNRHMVJ3rhM7A== x-amz-meta-mtime 1585034201
GET H2	200	fsp.1.1 gm.mmstat.com/	43 B 123 B	283ms 232ms	Image image/gif	2401:b180:7003::2e ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://gm.mmstat.com/fsp.1.1?code=13&msg=Timeout_null%3B&pid=sufeiPunish&page=https%3A%2F%2Fcms.pqscrmdev.com%2F&query=&hash=&referrer=&title=%E4%BA%A4%E6%98%93%E6%89%80%E5%90%8E%E5%8F%B0%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%E7%99%BB%E5%BD%95&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&c1=%3A1702213048296%3A0.5338315281267623&c2=undefined Requested by Host: cms.pqscrmdev.com URL: https://cms.pqscrmdev.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://cms.pqscrmdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sun, 10 Dec 2023 12:57:30 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| _nc_initialized object| UA_Opt object| _sec_module object| outer_nc_list function| noCaptcha function| $ function| jQuery function| initGeetest function| changeLanguage function| verification function| setCookie function| getCookie function| delCookie function| clearCookie function| setCookieAndTime function| getsec object| token function| ajax_method function| jwfp object| layer string| loginStatusAddr string| sysConfValidate function| getSmsCode object| InterValObj boolean| submitFlag function| loginSub function| handler2 string| gtLang function| initGt function| clearUserNameTip function| clearPasswrdTip undefined| lang object| nc undefined| nc_appkey string| nc_scene string| nc_token object| nc_option function| googleAuth function| oninputx object| __nc function| initializeJsonp_09803532876629386 function| yCtOu string| FAIL undefined| pure function| Geetest boolean| waitShow

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cms.pqscrmdev.com/	1970-01-21 02:26:13	Name: servicelanguage Value: zh-CN
			.pqscrmdev.com/	1969-12-31 23:59:59	Name: LOGIN_SESSION_ADMIN Value: YzRiYTg1ZTAtZTRiMy00NDJkLTkyMGEtZDBhYjUyZDVkNjgw
			cms.pqscrmdev.com/	1970-01-21 02:26:13	Name: _uab_collina Value: 170221304825137742490016
			.mmstat.com/	1969-12-31 23:59:59	Name: sca Value: 2aee86a6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.geetest.com
cf.aliyun.com
cms.pqscrmdev.com
g.alicdn.com
gm.mmstat.com
static.geetest.com
2401:b180:7003::2e
2404:2280:1b2:0:3::b
2600:9000:20ed:3200:1:fa24:cf00:93a1
43.159.107.100
52.59.38.143
59.82.133.163
01c1dac4350f12ee1499491a4f59008e04f17e414c2e15a16690f3b3fe0b1f55
048608e8a0f96b8c02d49dc8b96579cb42ccc0027747cccf774fb3c8fc5de3ab
05b652bdeb0ab76dceec30c1d40dd96fe6f94301e622eec57aa5478402e40b3f
08874edca58d05099c14ad51372f0306e7654b5055ae6f81c80a1037e54f73cd
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93
15578e4a12f2570c326bb24aad66d3d87e094555c65c825e2131770a2e8478c6
198956fc4dfbc15c40bbf16b2a87582ae272edf2cb776c79726359a8d83a9c87
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
264100d515b39ff0a94af9e7141464cc690a7857a15e468297ebc5b48e153fc2
2f6a95f5926d2f50352ac56afeec409dce647807415613d1ec84bef9e70de1a0
3206c692389a394b7fdbfad7a5dd87d1f23e216fec16cbaa9495a25ffe2a3a52
368774aa8f7b2f6d4575820890d714c3dcafbacc0935f56ca8efdd282be82a0b
6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b
7600e17257af9ccd8e33a26286cc8a3e35f298d261d3d1c343b91e1ecb3e6518
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a
9a7c25c6616bd0914a795cbf272c19e5368096099beafacfca210ee881f89773
b841851d4ee0505c21b145d7b2f44285d96945189d098399255c5b8c24bf2314
c1a67c42fe71ce6dc19e5b44af4a4a47ac891d0ac7eef92b200705a30910b947
c48789c24e0ae288b574acb83abdd1ccee8aa3694b49b83b466b8e1605cb2fa1
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
cce2fbbae9b262fbb0a357c4710e0113d32a209330ba80fb354b06aea0d11b95
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d668c4526d98b0eccfb087f36e66ade84f25012297d420092c7a880ddeb92101
f7fb14839c0c69a278dc9386ed12797c93f4371980c17e2f58f09c516d7a424b