URL: https://qtwpxglobo.cc/
Submission: On December 03 via api from JP — Scanned from JP

Summary

This website contacted 10 IPs in 1 countries across 5 domains to perform 43 HTTP transactions. The main IP is 172.67.199.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is qtwpxglobo.cc.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.
This is the only time qtwpxglobo.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
18 salesmartly.com
assets.salesmartly.com — Cisco Umbrella Rank: 93311
client.salesmartly.com — Cisco Umbrella Rank: 146476
api.salesmartly.com — Cisco Umbrella Rank: 97472
srz.salesmartly.com — Cisco Umbrella Rank: 104167
msg.salesmartly.com — Cisco Umbrella Rank: 88381
329 KB
12 amazonaws.com
s3.us-east-1.amazonaws.com
s3.amazonaws.com
515 KB
8 qtwpxglobo.cc
qtwpxglobo.cc
1 MB
4 qtw-aiera.cc
qtw-aiera.cc
9 KB
0 Failed
function sub() { [native code] }. Failed
43 5
Domain Requested by
11 s3.us-east-1.amazonaws.com
10 assets.salesmartly.com qtwpxglobo.cc
assets.salesmartly.com
8 qtwpxglobo.cc qtwpxglobo.cc
4 qtw-aiera.cc qtwpxglobo.cc
3 msg.salesmartly.com assets.salesmartly.com
3 api.salesmartly.com assets.salesmartly.com
1 s3.amazonaws.com
1 srz.salesmartly.com assets.salesmartly.com
1 client.salesmartly.com
0 open_url Failed qtwpxglobo.cc
43 10

This site contains no links.

Subject Issuer Validity Valid
qtwpxglobo.cc
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.salesmartly.com
Amazon RSA 2048 M02
2024-05-21 -
2025-06-19
a year crt.sh
qtw-aiera.cc
WE1
2024-12-02 -
2025-03-02
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2024-09-18 -
2025-09-16
a year crt.sh

This page contains 2 frames:

Frame: trust://open_url?coin_id=60&url=https://qtwpxglobo.cc
Frame ID: 232546343070080BBBDDB404E05AFB07
Requests: 44 HTTP requests in this frame

Frame: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Frame ID: B31B9967B3680A48A9251761EBCA9515
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

QTW-AI

Page Statistics

43
Requests

98 %
HTTPS

56 %
IPv6

5
Domains

10
Subdomains

10
IPs

1
Countries

2260 kB
Transfer

6017 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qtwpxglobo.cc/
1 KB
2 KB
Document
General
Full URL
https://qtwpxglobo.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab4adf9efde97e7daf9d4779893fc23bb7f81680b78e3d616166ccd57db1ceb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
533
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8ec0c50118823c0f-NRT
content-encoding
zstd
content-type
text/html
date
Tue, 03 Dec 2024 04:21:22 GMT
last-modified
Tue, 22 Oct 2024 13:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqTbHlXsjJVJeOnEXORiR82OImUjcbOzjTfA2%2Bod6UigWG9lMLzdTAAIoV4DOyf6kjtftr0ezv5lyH5W8NrNJclB6HuQoMFIZ016LoB8kD7SidPwBZfqoa1RdJImHnEf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1458&min_rtt=1293&rtt_var=344&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4220&recv_bytes=5733&delivery_rate=1049&cwnd=12000&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=42&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 9095214c63a79378c44a32c3efc102da.cloudfront.net (CloudFront)
x-amz-cf-id
sA1OycSOjEDbFk9xy3ClkkSsQxJJ5dCzvn1Pa9VkiJkVudD3TEyXuQ==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
index.91c43db3.js
qtwpxglobo.cc/assets/
4 MB
1 MB
Script
General
Full URL
https://qtwpxglobo.cc/assets/index.91c43db3.js
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef809fdf50ae5f0880643bf9491c69caca9dd0b588656a9bbf18c24ab0cdca6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://qtwpxglobo.cc
Referer
https://qtwpxglobo.cc/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"f5cea54a5bfb37ab91eb83abced34dea"
age
529
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7p4qPxVx88SKwnD96TxdsR5bugb0CW4zT3RBi6HhlDYjTTCZs88lcNL1WMa0NHQwYv1amw7RFCZ0I%2BcDJRzwtusPq9PgYEXzxrIKD34Iv3kmTwVM3YQtJHH%2F8dJLAQw"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
FOOPRBlMv89HT0bGWgkJ62iYu8A6Yi6KGmYq2pzLhnQZPVXohRIwPQ==
date
Tue, 03 Dec 2024 04:21:22 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 13:37:31 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1456&min_rtt=1293&rtt_var=262&sent=16&recv=14&lost=0&retrans=0&sent_bytes=5871&recv_bytes=6399&delivery_rate=1128088&cwnd=12000&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=62&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 b9518f1c66e5db9d9b8ed8a12f0cce3c.cloudfront.net (CloudFront)
cf-ray
8ec0c50168b43c0f-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT57-C3
server
cloudflare
index.5f1b2117.css
qtwpxglobo.cc/assets/
429 KB
55 KB
Stylesheet
General
Full URL
https://qtwpxglobo.cc/assets/index.5f1b2117.css
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154b41746c140df85de844eb0d63f11b6bda8846895f65e9fa61672023f2fde3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"73bb99353fc9b77f71916ddcaf662167"
age
529
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh7zyntKl2vHKtSR6SRYRbShsXeYuwR8xf7UCuVL6aeImv%2BjlXVaFbv3nDr3JrtfxbXf79L5gVIEuyAHa%2BU0yZGTd3cEbkk9wwn5%2Ff1GL82c2syb0qtWXLfvRPnpLnMb"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
VxDaySF_JjqERRHQBrAZr10dMrhk8ByPk1eT1r-nVIJF6cBoIPGapA==
date
Tue, 03 Dec 2024 04:21:22 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 13:37:31 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1456&min_rtt=1293&rtt_var=262&sent=26&recv=14&lost=0&retrans=0&sent_bytes=17871&recv_bytes=6399&delivery_rate=1128088&cwnd=12000&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=63&x=1", cfHdrFlush;dur=1
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 5423423d57b2c3f0d27d9f0b9703082c.cloudfront.net (CloudFront)
cf-ray
8ec0c50168b53c0f-NRT
x-amz-cf-pop
NRT57-C3
server
cloudflare
project_101115_105298_1722936509.js
assets.salesmartly.com/js/
670 B
1 KB
Script
General
Full URL
https://assets.salesmartly.com/js/project_101115_105298_1722936509.js
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
349ee7464fa4a8bf16ee8654ee93a3b284e0b2d2d1c76096701721d821bc0639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

content-md5
aTyw9SRLxu9GdHYZAI7f6g==
x-oss-storage-class
Standard
etag
"693CB0F5244BC6EF46747619008EDFEA"
age
339907
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
_D5lGk-Xqj1JlcJIM0YkIWVbKcmno3edypgjyyD0DMNamnrlH6QmnA==
date
Fri, 29 Nov 2024 05:56:16 GMT
x-oss-server-time
4
content-type
application/javascript
last-modified
Tue, 06 Aug 2024 09:28:29 GMT
vary
Origin, Origin
x-oss-hash-crc64ecma
12785256226831495582
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
670
x-oss-request-id
6749578058A49D3732D7A903
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
install.js
assets.salesmartly.com/chat/widget/code/
19 KB
7 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/install.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/js/project_101115_105298_1722936509.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
756da07a72fe967adcd43146ccd5cccaf492009bd661a851fae2a9a2ec9e28b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

content-md5
45ymKDbFTeRJ6IbosPQ8vA==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
O8JjzxVhpBBpqlYAQ9bsehNum1SV_wRdG9Xm2SVc8zvxRocnY2R3IQ==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
7
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=600
x-oss-hash-crc64ecma
13943059135549695045
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
67495670058B0F3834E639D9
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
charting_library.min.js
qtwpxglobo.cc/chart_library/
10 KB
4 KB
Script
General
Full URL
https://qtwpxglobo.cc/chart_library/charting_library.min.js
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3741d0f4d49a852267cdf80bc0bed8b9818a6c14d5fa5e47551228b48bc82cab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"fc3de83c4b5ab8346faac3aac9a1d278"
age
528
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GyGKhR4v7dMevCa4%2Fe8Kacw3THepoy1izKRfSTJvobEecJ1a7DZCVpFRY2YannInjh9PFwEN1IMVjfK8NE6l%2F3%2FbZHI6qwz%2Fxb91d%2Bqi1uy3hWbciNB1TDrjsT0HQOA"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
i0m9l7vrWNsM74bjuerQgjjdnQBD-ADVZkdEa3jXtE1JfBS3IxZSRg==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 13:37:32 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=2048&min_rtt=1255&rtt_var=263&sent=1309&recv=180&lost=102&retrans=102&sent_bytes=1552530&recv_bytes=14289&delivery_rate=27800275&cwnd=295176&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=356&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 6dd1fb730ba34e9c2dcda211a88fd854.cloudfront.net (CloudFront)
cf-ray
8ec0c5033a453c0f-NRT
x-amz-cf-pop
NRT57-C3
server
cloudflare
trust://open_url?coin_id=60&url=https://qtwpxglobo.cc
trust://open_url?coin_id=60&url=https://qtwpxglobo.cc
0
0

totalAssets.708ec90b.png
qtwpxglobo.cc/assets/
20 KB
20 KB
Image
General
Full URL
https://qtwpxglobo.cc/assets/totalAssets.708ec90b.png
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/assets/index.5f1b2117.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708ec90baa7ddc9bd59d169a6e657767232bcbe3e6d98c86e7be2121c6502fbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/assets/index.5f1b2117.css

Response headers

cf-cache-status
HIT
etag
"b24b1c8eedda9cc6d0b80c6ecf215229"
age
527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmRK1opnO26nl9Bh7fiCpXzbR1DY3cyta7QRsB3x2ekUyn0Pr9D29VO3UuewgqIB9WFZgJGBBGr1NuFs5sTrbeuK375jSXEhoLa%2Frb3P1fov%2FCFB2ypMAcCq5%2BeiKOyA"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
GKFKAEhJeHKD4WerWu4Xf5OiCDernRTKpVYOUOtnwlv3Hx9YEqUaAQ==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 13:37:32 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1983&min_rtt=1255&rtt_var=328&sent=1314&recv=182&lost=102&retrans=102&sent_bytes=1556450&recv_bytes=14698&delivery_rate=245537&cwnd=295176&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=981&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 9095214c63a79378c44a32c3efc102da.cloudfront.net (CloudFront)
cf-ray
8ec0c5071d783c0f-NRT
accept-ranges
bytes
content-length
20027
x-amz-cf-pop
NRT57-C3
server
cloudflare
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
784db8efadb9b8d033d5e858be4a70a75df89183f05594ee48380aafd3cadbc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c59adeb93a40b5b8958221c7bb4bffe448f1d4be9a99682953deea6b2862d948

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
076d58e64bbb45b78a2177084c56a2016c9b0ad0b7121a341b37439248c1bcaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
724 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
959eeb5feb9aa5e5207f68c2796548f7eab7c77eb4fcddcdd2765da6fbb69252

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a2dbf3dc07c827e320eaf918be0ff840129183ffe08d7958070aaa451db7e9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab99b5670281f6ccb160142ee4bed36af2a03766a641a222278eeb2a9e91b884

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a3853210e9fa47c44f0c12becaa6f52cf52d05ddedad608be921017146d2bd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
hb.3d2acc04.png
qtwpxglobo.cc/assets/
4 KB
5 KB
Image
General
Full URL
https://qtwpxglobo.cc/assets/hb.3d2acc04.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2acc04a1c4035482a48f50a83a9609bd616c8cb88d59fb947a2800e76ef627

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

cf-cache-status
HIT
etag
"81a9134878c6653069f7e2b2d54ec237"
age
527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3YgqlrYf9JQx8OJDAFA0ec1d7Z7F%2FYf%2FUUHxwAWhyge%2FuKxcxkJJ0pvnO9uWqX%2BLox64lw41czmsvc0%2Fu%2BjCnRlXz4EDT5gNuceL0RkNdxLF3EXMeNNaRCAxmNUvjcM"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
BpY3XebMjM_lPyTQ-MnwRAcprjgbye3hqC06cQzyxVJ3ZdzGVOPcVw==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 13:37:31 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1880&min_rtt=1255&rtt_var=380&sent=1333&recv=187&lost=102&retrans=102&sent_bytes=1577748&recv_bytes=15814&delivery_rate=1757201&cwnd=295176&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=991&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 20bf43ba8d13fe047ac101502f40ea74.cloudfront.net (CloudFront)
cf-ray
8ec0c5072d883c0f-NRT
accept-ranges
bytes
content-length
4378
x-amz-cf-pop
NRT57-C3
server
cloudflare
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a2e3d14616d132c0dbbca2727f5703fd202e2e13cec268b307f11ded3d9b3eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
c2c.5d3733c5.png
qtwpxglobo.cc/assets/
4 KB
5 KB
Image
General
Full URL
https://qtwpxglobo.cc/assets/c2c.5d3733c5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3733c598586a955c6352fb8561d4c93821acc3a7ef9a20620dca043bd9a9d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

cf-cache-status
HIT
etag
"7f6358067f3dc9a0ecda46ef105852bd"
age
526
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VK4XRLaVFOuEjjiIbfnOfRoryMT%2FEyQihIUgxvBMzLN0wfTIZMmXvLG9AvaGNQGoXE8sI3A9KcjtWCPTPMmeV9QbCQAq08V6yXuCn5cwzz%2FmDJMkjJvYW9bV%2FRkSRhsq"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
ldGPocj1hBI3G58pRRHE-N65d_o6kV-JnOnX76THXhKca2P02hAN3w==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 13:37:30 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1880&min_rtt=1255&rtt_var=380&sent=1347&recv=187&lost=102&retrans=102&sent_bytes=1593470&recv_bytes=15814&delivery_rate=1757201&cwnd=295176&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=992&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
cf-ray
8ec0c5072d893c0f-NRT
accept-ranges
bytes
content-length
4115
x-amz-cf-pop
NRT57-C3
server
cloudflare
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
557cff9eaecf8003c4e1b2091d359308c6f9c916a73eb6468c26017af12a9cb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
getArticleList
qtw-aiera.cc/api/common/ Frame
0
0
Preflight
General
Full URL
https://qtw-aiera.cc/api/common/getArticleList
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://qtwpxglobo.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
token
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec0c50749c1af25-NRT
content-length
0
date
Tue, 03 Dec 2024 04:21:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiFdbgK077NXePoqndNr%2Fz8ZGu64d%2BPRNw8IboOJpCocjuAjFVjSqsqscM%2FQybIyNpt1cRj13L2GwpxNe6tMlzQuKYjLw4lZn4w6I5J%2F2vJaDdf0pPCQve0QowJzYwE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=4711&min_rtt=1354&rtt_var=6707&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4275&recv_bytes=6408&delivery_rate=1063&cwnd=12000&unsent_bytes=0&cid=bc674c680848dbbd&ts=646&x=1" cfHdrFlush;dur=0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 95136e59e01a1261afab3ca3802ec1aa.cloudfront.net (CloudFront)
x-amz-cf-id
w2yvADUpZw5tLiJ0UEbZs55x8N2D3PfxmR0RA53JALxAlU-FJCKg0Q==
x-amz-cf-pop
NRT12-P3
x-cache
Miss from cloudfront
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a156c65a77f1f04afde28ecffd4bc40248c5bac3aaef7c60236b794fe0a0b3fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
noMore.c57a3de7.png
qtwpxglobo.cc/assets/
9 KB
10 KB
Image
General
Full URL
https://qtwpxglobo.cc/assets/noMore.c57a3de7.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57a3de77be0ea8d8a10fcf89756e129f4aa931a995b6160369cde91f3021bdb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

cf-cache-status
HIT
etag
"7b9f3610a23e28e118a603990b22c931"
age
527
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fu9dGTJ2wFMR1SpgBJigtol9LlYvALgM7wt3Bs2pcLN5o8iT3Cbhxnqa8ZlcF8728uSsJn5jZUJiH9urRqBz0nttGVSI1GCXc1z%2B2yMuydgIKLpBBZjrZstbgPLt%2FsU"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
h7yiHhYWzJhClV-VAGC-B5uZO6DoBPmmT0hL2IwbzPTDiZL2jhAP9w==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 13:37:31 GMT
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=1880&min_rtt=1255&rtt_var=380&sent=1338&recv=187&lost=102&retrans=102&sent_bytes=1583057&recv_bytes=15814&delivery_rate=1757201&cwnd=295176&unsent_bytes=0&cid=27b6a6efdcfac05b&ts=992&x=1", cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 6dd1fb730ba34e9c2dcda211a88fd854.cloudfront.net (CloudFront)
cf-ray
8ec0c5072d8b3c0f-NRT
accept-ranges
bytes
content-length
9394
x-amz-cf-pop
NRT57-C3
server
cloudflare
truncated
/
783 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cd3268b3dc958e7547e0f7b6912e57b4f41e9f7ca488e9a2b19590f9f9ac62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44564e072736a4e930627b3ccf52ff4053096f883606b35e0f5bafb55c5b9524

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
895 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a5ba7063d809f92db9fa547000967f4243a5e82e63eb26fae414e39b7998bcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
888 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24b93f736adf181d4719bbac46beceadc4ca3fe802d070286f653bed64686958

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
129fea8961e61e9349beb8c50147568db7ae5e4c2657ea3ea4610223f7bf1263

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
getNoticeList
qtw-aiera.cc/api/common/
16 KB
5 KB
XHR
General
Full URL
https://qtw-aiera.cc/api/common/getNoticeList
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/assets/index.91c43db3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8972bb3f2b712d05a9976ab8498761cde4b115c0ccbb9da20fac08db650cdf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://qtwpxglobo.cc/

Response headers

access-control-expose-headers
token
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8XztaMza9prlHClhcvTcqNwHJ57JKkntSERzA%2BTTkMzbsPN3aoW7N8IJitRyvEwmxad8CJBEthwehH45f%2F5Zhu6uKjkTJH7V0pgD5QL%2BrZwr%2BHbfsHrfOl8gjfnPFA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
y7Y_M3XptKC1DJ_vMpgoUuaSCxTo1Tm8yP0phfzu43rfW2lhPDOycA==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server-timing
cfL4;desc="?proto=QUIC&rtt=4297&min_rtt=1354&rtt_var=5857&sent=17&recv=16&lost=0&retrans=0&sent_bytes=5161&recv_bytes=6832&delivery_rate=363786&cwnd=12000&unsent_bytes=0&cid=bc674c680848dbbd&ts=652&x=1", cfHdrFlush;dur=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 95136e59e01a1261afab3ca3802ec1aa.cloudfront.net (CloudFront)
cf-ray
8ec0c50749c0af25-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P3
server
cloudflare
getArticleList
qtw-aiera.cc/api/common/
8 KB
4 KB
XHR
General
Full URL
https://qtw-aiera.cc/api/common/getArticleList
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/assets/index.91c43db3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45e2fde2c7c8e57cace869e04b0b9df27f3975f537f6d26a7e7629f404c5b7a

Request headers

Referer
https://qtwpxglobo.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-expose-headers
token
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNHpjGVWs3iOv8msi6Ta1xo4FH4ot43yUFWFULp3lYPqoBlRDeShKXA0xuEyoHJOqiud1hW3x2zbMkC3%2FA3vElkseHy1HJck6JWShMxJ%2BOwyfdYHNWLBO1HQlis%2FhSo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
EdOdGLQK-h2Ug7kLNRunr5_EYJtC7lSVQue6fMG6rzyuBX3ns_5HKA==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server-timing
cfL4;desc="?proto=QUIC&rtt=3826&min_rtt=1354&rtt_var=3329&sent=23&recv=19&lost=0&retrans=0&sent_bytes=11362&recv_bytes=6961&delivery_rate=84823&cwnd=12000&unsent_bytes=0&cid=bc674c680848dbbd&ts=948&x=1", cfHdrFlush;dur=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 95136e59e01a1261afab3ca3802ec1aa.cloudfront.net (CloudFront)
cf-ray
8ec0c50b4d09af25-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P3
server
cloudflare
getBannerList
qtw-aiera.cc/api/common/
684 B
1 KB
XHR
General
Full URL
https://qtw-aiera.cc/api/common/getBannerList
Requested by
Host: qtwpxglobo.cc
URL: https://qtwpxglobo.cc/assets/index.91c43db3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a233903123c44eb6d7a51de2d4ee603822d36d75825aea693920b9e1e05d7a48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://qtwpxglobo.cc/

Response headers

access-control-expose-headers
token
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8SZ6HBajpLtEwOSCa0jM5pCup1m%2Fo9DS75oV6ZaMlEuC%2FIM%2B7YWUSsO7hKrvQ7GlK4mao8j6LD4L7eZ2FnyRdDtT3gQJbTbwCLNGGz19hnLclZr02n%2BJfF74nEIaZQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Tp-r9mPbgx8expEROqv2rzxKKatCsRlr66FWgLMSSv8F3DgFOXBodg==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server-timing
cfL4;desc="?proto=QUIC&rtt=4179&min_rtt=1354&rtt_var=3498&sent=22&recv=18&lost=0&retrans=0&sent_bytes=10280&recv_bytes=6918&delivery_rate=660298&cwnd=12000&unsent_bytes=0&cid=bc674c680848dbbd&ts=663&x=1", cfHdrFlush;dur=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 95136e59e01a1261afab3ca3802ec1aa.cloudfront.net (CloudFront)
cf-ray
8ec0c50749beaf25-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P3
server
cloudflare
chunk-common.fcd1043f.css
assets.salesmartly.com/chat/widget/code/css/ Frame B31B
3 KB
2 KB
Stylesheet
General
Full URL
https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
8YlATqQpIwDAs7wjbQrI7Q==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
RrFrJpdrCe8yz8BNORbspyCBngggOhleOCo7oD1efcikQF54ADOIRw==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
5
content-type
text/css
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
16491430429095914100
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
6749567006F3A43834D036D6
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
plugin.d74d5d4c.css
assets.salesmartly.com/chat/widget/code/css/ Frame B31B
62 KB
12 KB
Stylesheet
General
Full URL
https://assets.salesmartly.com/chat/widget/code/css/plugin.d74d5d4c.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9f52502a4a4cdf5401725efa7d6e8f1f93291b64f6ad98193e271561537ee853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
faaPum+exbkDnbd06GR9gQ==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
8dIqKke7GiqgR5NHgIQMglWkyeAJTZR53FWAOZXfzhdQsUZANDkkMw==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
6
content-type
text/css
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
7136623037205770037
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
674956701AC7F93533F66646
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
chunk-common.c023d4a9.js
assets.salesmartly.com/chat/widget/code/js/ Frame B31B
19 KB
7 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-common.c023d4a9.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7918db0dfc9141ec80788c7cbe75964a273e7a67b93eb7c21391605fb9066cef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
dJUYuP31CVYjy+pRjaaGyQ==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
pupBgdFyFAblv5U-4Rx19JtLaqCA9IHOhXUiTdYvb90lRWShWu3EQg==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
5
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
14215461940468328006
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
6749567072154E3239C50CBA
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
chunk-vendors.90261597.js
assets.salesmartly.com/chat/widget/code/js/ Frame B31B
194 KB
67 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-vendors.90261597.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
dd0585cd2b40b3c40643a015c30f476980e5b539c8911797dff9db71cd0ba980

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
KuvXyfVPG6loSq85TZn2BA==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
c_9rCI7EF86SjBqi4QpKGpkaObFDB5sKxSRISo0VgHYXRWIP8dKpNA==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
7
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
7203584081737220925
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
674956705354653638A201DB
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
vendor1_fd8e7641.js
assets.salesmartly.com/chat/widget/code/js/ Frame B31B
220 KB
77 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
YOHCRGf6GIUU2shKUsykFw==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
PhC1xUO3Wvcxhwu61FaRIjxT34vNCFROvFHYW7YUPhnNAgW8WrrSiw==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
13
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
9671956606219813729
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
67495670F1D29D38334A3763
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
ling.mp3
client.salesmartly.com/setting/sounds/
46 KB
47 KB
Media
General
Full URL
https://client.salesmartly.com/setting/sounds/ling.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27b9:3e00:1e:b46c:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

Referer
https://qtwpxglobo.cc/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
public, max-age=15552000
etag
"1065fe976ff9e98d69772fe0f0d7b808"
age
1114833
Content-Range
bytes 0-47222/47223
via
1.1 4ff47392e4e28f4c3052a944630921d0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
Content-Length
47223
x-amz-cf-id
wj9YnsMQpi4bibK3I6FXsSOSk7S0_aVj186g0ki5rZ8gCjcxRck0Gw==
date
Wed, 20 Nov 2024 06:40:51 GMT
content-type
audio/mp3
last-modified
Tue, 02 Jul 2024 06:29:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P6
x-amz-server-side-encryption
AES256
plugin.72e39702.js
assets.salesmartly.com/chat/widget/code/js/ Frame B31B
312 KB
93 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/js/plugin.72e39702.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4ea36ce040105f3c1b942c1adbc8f80646721d163ec44d2d13a950d509231f2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
aX23q/RHOaSKIbuogpyJRQ==
x-oss-storage-class
Standard
content-encoding
gzip
age
340179
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
vmIu2zNl11q8dGHt-BzyoSwT3LKqkyh8u-JyUrN0elVc2KRdrdVNHg==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
8
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
12237994535829521473
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
67495670CA1C6338387C2E29
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
import-lang-jp.11230dd5.js
assets.salesmartly.com/chat/widget/code/js/ Frame B31B
4 KB
2 KB
Script
General
Full URL
https://assets.salesmartly.com/chat/widget/code/js/import-lang-jp.11230dd5.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.72e39702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
34c9d6e1648edebe85f2f85da2fce55f17e2ef3daccf5e50998398365e05ad0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
WCVoGrRQY7lwvYV4nT40Qg==
x-oss-storage-class
Standard
content-encoding
gzip
age
340178
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
yhJNANeTj2zNFfF0PFjUE-Sa12IljUShmfM-vswMQKZyC1A7EBsTKw==
date
Fri, 29 Nov 2024 05:51:44 GMT
x-oss-server-time
9
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
16215759426084407955
via
1.1 02d5931b58a5eb59ec4d7098a819a770.cloudfront.net (CloudFront)
x-oss-request-id
67495670E7A3CA3630C23F16
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
get-plugin-info
api.salesmartly.com/sys/company/plugin/ Frame B31B
3 KB
3 KB
XHR
General
Full URL
https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=f83615a965abaff91d0e0e7f9889d8ea&plugin_id=g8m2r9&over_time=&env=chat&_=1733199683818&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:600:1:8ade:fa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
3d7c625579a664e703e40118257c4f84caf1d1e05cd6bf2f8ed8be120f6647d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
x-amz-cf-id
k0b7v4866qI6t0injTZp6covgXhqnOsrR-vKcowMOrTaVPDsHtKYgA==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
NRT57-P3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
log
srz.salesmartly.com/client/log/ Frame B31B
47 B
517 B
XHR
General
Full URL
https://srz.salesmartly.com/client/log/log?plugin_sign=60d10075216455596b8b5a7a85cf5e63&plugin_id=g8m2r9&over_time=&env=chat&_=1733199683824&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:cc00:16:41f9:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 181d3dc873bbebf835e197df6141b7be.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
x-amz-cf-id
bPuH14rP_lOoYQUXwv5AODTkidfqQl9WBMD1n3vGXPfC_PHMxO3EOA==
date
Tue, 03 Dec 2024 04:21:23 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
NRT57-P3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
create-user
api.salesmartly.com/chat/msg-user/ Frame B31B
157 B
652 B
XHR
General
Full URL
https://api.salesmartly.com/chat/msg-user/create-user?plugin_sign=422f65b2c9454257d688e881990d0225&plugin_id=g8m2r9&over_time=&env=chat&_=1733199683995&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:600:1:8ade:fa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
c35176135ebbc7d2011cc5db9ee9b3ff68acfed018d4ff9e36497c37f194edd2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
x-amz-cf-id
NB_wcqMpZ7Zl40mQcRJ7MvKsT_BRQsLUqfQXSZ_2OP8R1tZiKvbViA==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
NRT57-P3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
iconfont.15dabac4.woff2
assets.salesmartly.com/chat/widget/code/fonts/ Frame B31B
7 KB
8 KB
Font
General
Full URL
https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.15dabac4.woff2
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26ef:bc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f2ec6b02a9c3047200a0e72a1ac7ae4c0d96c58d378d07ac1c18a6ad351a7f4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://qtwpxglobo.cc
Referer
https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css

Response headers

content-md5
Fdq6xBz75pV3YXUhS0iecQ==
x-oss-storage-class
Standard
etag
"15DABAC41CFBE695776175214B489E71"
age
530
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
XJ9iWghLraKv0PmmUKLpmjT9y_Edxb0HoJxXN5cb2Lvx8jzLNU9xcA==
date
Tue, 03 Dec 2024 04:12:34 GMT
x-oss-server-time
3
content-type
font/woff2
last-modified
Fri, 29 Nov 2024 05:50:40 GMT
vary
Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
9807860922094880266
via
1.1 5b77c2293b0db35efbb6d27449d255ac.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
7544
x-oss-request-id
674E85327859E4303900595D
x-amz-cf-pop
NRT12-P4
server
AliyunOSS
trigger
msg.salesmartly.com/chat/chat-auto/user/ Frame B31B
49 B
495 B
XHR
General
Full URL
https://msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=19a495997255ba5056d178937794572d&chat_user_id=5c235ca219d847d1d22c6678606594ec&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=g8m2r9&over_time=&env=chat&_=1733199684119&_lt=19a495997255ba5056d178937794572d&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:f400:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 d55c8c4c436c0f8ae6ad19ea6aabeb56.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
content-length
67
x-amz-cf-id
248Kz9q5F67eXSf265mEROBfTRUgUXl88u9UyCqjaFTMB1zXe_G5dA==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json
x-amz-cf-pop
NRT57-P2
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
unread-msg-list-v2
msg.salesmartly.com/chat/chat-msg/ Frame B31B
66 B
508 B
XHR
General
Full URL
https://msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=19a495997255ba5056d178937794572d&chat_user_id=5c235ca219d847d1d22c6678606594ec&direction_type=1&plugin_id=g8m2r9&over_time=&env=chat&_=1733199684119&_lt=19a495997255ba5056d178937794572d&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:f400:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c

Request headers

external-sign
97fda60df9939cab45a89fa1e38f8c3c
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 d55c8c4c436c0f8ae6ad19ea6aabeb56.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
content-length
82
x-amz-cf-id
ptVn26JXPVC3YZNWOs9Sieepnl_4lKFeqFxvPlaaq0eUa3omiJfLrA==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json
x-amz-cf-pop
NRT57-P2
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
unread-msg-list-v2
msg.salesmartly.com/chat/chat-msg/ Frame
0
0
Preflight
General
Full URL
https://msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=19a495997255ba5056d178937794572d&chat_user_id=5c235ca219d847d1d22c6678606594ec&direction_type=1&plugin_id=g8m2r9&over_time=&env=chat&_=1733199684119&_lt=19a495997255ba5056d178937794572d&_u=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:f400:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
external-sign
Access-Control-Request-Method
GET
Origin
https://qtwpxglobo.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
access-control-allow-origin
https://qtwpxglobo.cc
content-length
0
content-type
text/html
date
Tue, 03 Dec 2024 04:21:24 GMT
via
1.1 c9203ba15af2ae82294719bd8bb5fcce.cloudfront.net (CloudFront)
x-amz-cf-id
pOEefH3Ko2EgkJdYyCLHMIVzuUtKQzJNGuKhLW1p2RAC2uXRV-aFSg==
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
47b1eda7866c420184d409b098943265.jpeg
s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/
30 KB
31 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/47b1eda7866c420184d409b098943265.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62adc7d38aec2990909ffae3c5722bfa109289a8bd840293642a7603f21837c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
dmhkL8if8/t3CEnPP+NNY8xhfQZL+76VYQamepinjt01El98DHgxWRnvuNkNPXFI7vWTtx2XGgU=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"3c04e772890d19833d6784184bbda299"
x-amz-request-id
XT5P82ZHWWVBASWJ
Accept-Ranges
bytes
Content-Length
31028
Date
Tue, 03 Dec 2024 04:21:25 GMT
Last-Modified
Thu, 11 Jul 2024 16:50:53 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
d9aa07caa95f43a2849b391509fa101d.jpeg
s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/
25 KB
25 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/d9aa07caa95f43a2849b391509fa101d.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
13ac0b6a03c1a1a8251e60c012f33a49758216ad87992f146b295b72b17ff8f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
CsPobLy04j+L+m1UQ0Qvqgs54iEW1lzXxwQ28jhd5xdY35gMfS8m65kMQzz4nLFvXz5HM3+HwK0=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"280ffbd9bd23a937538b235fb0508a9e"
x-amz-request-id
XT5JB57C9DB70AJ5
Accept-Ranges
bytes
Content-Length
25431
Date
Tue, 03 Dec 2024 04:21:25 GMT
Last-Modified
Thu, 11 Jul 2024 16:47:40 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
ba4da8d6213e48ed8e95dd0e7c2611d3.jpeg
s3.us-east-1.amazonaws.com/trade.res/trade.res/202405/
87 KB
87 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/trade.res/202405/ba4da8d6213e48ed8e95dd0e7c2611d3.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
438361e9c5f66680c5a92e2bdd3ab55976d7a25d77e5c2c65e8bea6ed9f715a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
33qpIa4D18mPSwE8CRiQ6sh8SkgyKDZVB7c8QDlRWq6iVZl2fz3Nps9jmf2m/ch/9hbNb1GEg8E=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"becbabeddc34f6d8ba5179b3f4cb1269"
x-amz-request-id
XT5VDK894T4R946P
Accept-Ranges
bytes
Content-Length
88908
Date
Tue, 03 Dec 2024 04:21:25 GMT
Last-Modified
Sat, 11 May 2024 11:32:14 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
5161fc2cda6e470882a82b7fe0c80988.jpeg
s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/
16 KB
17 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/trade.res/202407/5161fc2cda6e470882a82b7fe0c80988.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3b8b901ffeb03deea133103fcac9366e6a9bc76ac27656b738bacd83db91301

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
jzwKwCbggI27Dsy951Urqabw/dDICs2M7aiFb9EbQ5DH42YxMrGjZjiv7Q0miMQWM+8LrXz5i4U=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"1fd0d1fef7e1b0ad15014fbf32d6fa90"
x-amz-request-id
XT5YCAT2FJ59T1DY
Accept-Ranges
bytes
Content-Length
16503
Date
Tue, 03 Dec 2024 04:21:25 GMT
Last-Modified
Thu, 11 Jul 2024 16:49:22 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
adae2cacea5542738312dabbfcb8382e.jpg
s3.us-east-1.amazonaws.com/trade.res/trade.res/202305/
324 KB
325 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/trade.res/202305/adae2cacea5542738312dabbfcb8382e.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
016b6395a835638e23e7b64c936a329b88c2743a6a578cb2e8bfc242726db63b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
c/BEwALNUHXbCn62nA1fnELn5+ceyH2cAFOox8cExeuPkZWvLNyx0uvIRK36rMvUHL73ohLpr5k=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"c54f3945fdb1a77a3edf82c4908d0910"
x-amz-request-id
XT5K8RKCAVZTEEQ9
Accept-Ranges
bytes
Content-Length
332023
Date
Tue, 03 Dec 2024 04:21:25 GMT
Last-Modified
Fri, 05 May 2023 22:00:33 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
log
api.salesmartly.com/client/station/ Frame B31B
87 B
710 B
XHR
General
Full URL
https://api.salesmartly.com/client/station/log?plugin_sign=45a54ebc792103923b36be8fbc06ae36&plugin_id=g8m2r9&over_time=&env=chat&_=1733199684620&_lt=19a495997255ba5056d178937794572d&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:600:1:8ade:fa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
367ff285af2b92b0caeaed9d33bf25b37bc65faa504fd66003acce7e2c41b98a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 26f81727519c342aad4ccd47b72fd7cc.cloudfront.net (CloudFront)
access-control-allow-origin
https://qtwpxglobo.cc
x-cache
Miss from cloudfront
x-amz-cf-id
SmCJo-Y1JcYvTLy4tsgVI-H6kh007kjh0CvDl2ZKMDBQLzCKFuOZCQ==
date
Tue, 03 Dec 2024 04:21:24 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
NRT57-P3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
472b855f4539e4fcfd9fad05b541fb4ac654c94caefb74d185215dff4cded54b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edc58b2ca5d87014139e8528c6652f0aef23e2b9c98487d6933622100989d175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
XAU.jpeg
s3.amazonaws.com/trade.res/coin/
17 KB
17 KB
Image
General
Full URL
https://s3.amazonaws.com/trade.res/coin/XAU.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.24.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bdfe88aefb3184e36d04de930bff6d3dabb2577c9101e6030d0051ccc52686f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
gAuUCkUsetINb7CTkUXWxh+x7XpJv+RBCEJWeAeZxktwd7cbcq0IGxsa3l3oFpywYxFMqoljc5qWMCHLj5FpV6p07OmwbrMTLxg4WqJalWk=
ETag
"46b46eb0922db6f8baf58d63ea043ff2"
x-amz-request-id
2AVRQ4JKH30WS8FJ
Accept-Ranges
bytes
Content-Length
17367
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Fri, 21 Jul 2023 19:03:49 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
XAU.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
2 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/XAU.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b3e0a424d761ed456793fd96f466127e1d1523a7a6b75594b3f2b2a669c9da6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
vSEV0I9fsj5uD3Oe4sLGwPvWZODjIpJHbhHTCKhk5ouIuLUrFkHzTn1ofshF2BvxgWGSyMgx36E=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"32f7f8ddfde67f7c1b7114da8182c6e6"
x-amz-request-id
2AVYKSYMJJD3EJ22
Accept-Ranges
bytes
Content-Length
1644
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:00:03 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
AHD.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
2 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/AHD.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0b311688932c281f514757f244b286082e3d5a85c3020f4fd2c27f01ac27cb67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
8AI4Qtgmy76gC5BAZYEnKb3zdctRHxiP4acyIG9AAsKKVa7AWikM2b66F925tuPOchApng8fij0=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"8ed565472b4e7bb2533246724841a68c"
x-amz-request-id
2AVSH5165S3C35S5
Accept-Ranges
bytes
Content-Length
2012
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:01:09 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
BO.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
3 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/BO.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5bdfadfc6f1cd6a2909370bf5c1d7471fb5680d0ab4f9ff58efc30bd5bbd2d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
eFNz8zTRBuZOrT0TGZI01zAb3eWf7IH+6y3xzuOvkt49Ljzk9+ukP4gASlqehvWDAyYSmoaQbY8=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"d9dde11857d31d9946c2c2c137dc6bb6"
x-amz-request-id
2AVGTRZGTC2ABCMF
Accept-Ranges
bytes
Content-Length
2149
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:01:10 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
C.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
2 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/C.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3ecdfbbf6a2546d385e6bbdbd998452a85e9fe34e3379319bdb0898c981e1485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
9Kusz6bOEqqjuFnFdL9d3Wrntwf8Z5Khl9cVFLk5WOqoBxCvu8/KxUownDIEP/c5yPdAhbjhb7E=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"fdbd4a2c299945c587212a9bafd13e2e"
x-amz-request-id
2AVJRR0NEWWJ5GK7
Accept-Ranges
bytes
Content-Length
1681
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:01:11 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
CC.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
2 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/CC.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9a326621314548f2c5134660bb8d20fc5464d99b7fbd93c32bb7026918470f40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
tCS/Rb7AzxK39rzpfkLjEBipP3RVYIBHp0UY8KxcOrP8rNElI6uyn14fyDOeDXoWnG0mLRVREYg=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"0ba80d4cb4c8782e16ddc8c553bd1f45"
x-amz-request-id
2AVRYV90AGHZZAEQ
Accept-Ranges
bytes
Content-Length
1929
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:01:14 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
CL.png
s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/
2 KB
2 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/trade.res/kline_chart/test/CL.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.133.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
df8ea621e8fe29a02eb4dc0e19687b7e2de769c549b32e7a87dd5fb7882662b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qtwpxglobo.cc/

Response headers

x-amz-id-2
R6yiaO/4jubUu1b+cp/xuWzcKb57hgnIxiniJ1X1GaBLplHiNeIIqTsWYmF6pxABeGiG8QNwb9Q=
x-amz-meta-x-amz-meta-title
someTitle
ETag
"deb65684468db7b84c71f7999689c405"
x-amz-request-id
2AVYF2J6CGWXJ0G7
Accept-Ranges
bytes
Content-Length
1677
Date
Tue, 03 Dec 2024 04:21:26 GMT
Last-Modified
Tue, 03 Dec 2024 04:01:15 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
open_url
URL
trust://open_url?coin_id=60&url=https://qtwpxglobo.cc

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __ssc function| ssq function| handleSetChartLibrary object| global function| Buffer object| process object| util object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn function| __addDisposableResource function| __disposeResources function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider function| setImmediate function| clearImmediate object| install_ss_chat_plugin object| ssmEvent object| TradingView

2 Cookies

Domain/Path Name / Value
.salesmartly.com/ Name: ss_uid
Value: 974bd6132c03f8073d02057dfaa4a7b2
qtwpxglobo.cc/ Name: _ss_s_uid
Value: 974bd6132c03f8073d02057dfaa4a7b2

1 Console Messages

Source Level URL
Text
other error URL: https://qtwpxglobo.cc/
Message:
Not allowed to launch 'trust://open_url?coin_id=60&url=https://qtwpxglobo.cc' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.salesmartly.com
assets.salesmartly.com
client.salesmartly.com
msg.salesmartly.com
open_url
qtw-aiera.cc
qtwpxglobo.cc
s3.amazonaws.com
s3.us-east-1.amazonaws.com
srz.salesmartly.com
open_url
172.67.199.141
172.67.199.217
2600:9000:221a:f400:16:9386:7d40:93a1
2600:9000:221b:600:1:8ade:fa00:93a1
2600:9000:221b:cc00:16:41f9:b9c0:93a1
2600:9000:26ef:bc00:1e:4a65:6f00:93a1
2600:9000:27b9:3e00:1e:b46c:cec0:93a1
3.5.24.141
54.231.133.88
016b6395a835638e23e7b64c936a329b88c2743a6a578cb2e8bfc242726db63b
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
076d58e64bbb45b78a2177084c56a2016c9b0ad0b7121a341b37439248c1bcaf
0b311688932c281f514757f244b286082e3d5a85c3020f4fd2c27f01ac27cb67
129fea8961e61e9349beb8c50147568db7ae5e4c2657ea3ea4610223f7bf1263
13ac0b6a03c1a1a8251e60c012f33a49758216ad87992f146b295b72b17ff8f3
154b41746c140df85de844eb0d63f11b6bda8846895f65e9fa61672023f2fde3
24b93f736adf181d4719bbac46beceadc4ca3fe802d070286f653bed64686958
349ee7464fa4a8bf16ee8654ee93a3b284e0b2d2d1c76096701721d821bc0639
34c9d6e1648edebe85f2f85da2fce55f17e2ef3daccf5e50998398365e05ad0e
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
367ff285af2b92b0caeaed9d33bf25b37bc65faa504fd66003acce7e2c41b98a
3741d0f4d49a852267cdf80bc0bed8b9818a6c14d5fa5e47551228b48bc82cab
3d2acc04a1c4035482a48f50a83a9609bd616c8cb88d59fb947a2800e76ef627
3d7c625579a664e703e40118257c4f84caf1d1e05cd6bf2f8ed8be120f6647d7
3ecdfbbf6a2546d385e6bbdbd998452a85e9fe34e3379319bdb0898c981e1485
438361e9c5f66680c5a92e2bdd3ab55976d7a25d77e5c2c65e8bea6ed9f715a3
44564e072736a4e930627b3ccf52ff4053096f883606b35e0f5bafb55c5b9524
472b855f4539e4fcfd9fad05b541fb4ac654c94caefb74d185215dff4cded54b
4ab4adf9efde97e7daf9d4779893fc23bb7f81680b78e3d616166ccd57db1ceb
4ea36ce040105f3c1b942c1adbc8f80646721d163ec44d2d13a950d509231f2d
557cff9eaecf8003c4e1b2091d359308c6f9c916a73eb6468c26017af12a9cb9
5bdfadfc6f1cd6a2909370bf5c1d7471fb5680d0ab4f9ff58efc30bd5bbd2d03
5d3733c598586a955c6352fb8561d4c93821acc3a7ef9a20620dca043bd9a9d6
62adc7d38aec2990909ffae3c5722bfa109289a8bd840293642a7603f21837c8
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c
708ec90baa7ddc9bd59d169a6e657767232bcbe3e6d98c86e7be2121c6502fbf
756da07a72fe967adcd43146ccd5cccaf492009bd661a851fae2a9a2ec9e28b9
784db8efadb9b8d033d5e858be4a70a75df89183f05594ee48380aafd3cadbc9
7918db0dfc9141ec80788c7cbe75964a273e7a67b93eb7c21391605fb9066cef
7a2e3d14616d132c0dbbca2727f5703fd202e2e13cec268b307f11ded3d9b3eb
7a3853210e9fa47c44f0c12becaa6f52cf52d05ddedad608be921017146d2bd9
8b3e0a424d761ed456793fd96f466127e1d1523a7a6b75594b3f2b2a669c9da6
93cd3268b3dc958e7547e0f7b6912e57b4f41e9f7ca488e9a2b19590f9f9ac62
959eeb5feb9aa5e5207f68c2796548f7eab7c77eb4fcddcdd2765da6fbb69252
9a2dbf3dc07c827e320eaf918be0ff840129183ffe08d7958070aaa451db7e9d
9a326621314548f2c5134660bb8d20fc5464d99b7fbd93c32bb7026918470f40
9a5ba7063d809f92db9fa547000967f4243a5e82e63eb26fae414e39b7998bcd
9f52502a4a4cdf5401725efa7d6e8f1f93291b64f6ad98193e271561537ee853
a156c65a77f1f04afde28ecffd4bc40248c5bac3aaef7c60236b794fe0a0b3fa
a233903123c44eb6d7a51de2d4ee603822d36d75825aea693920b9e1e05d7a48
ab99b5670281f6ccb160142ee4bed36af2a03766a641a222278eeb2a9e91b884
b3b8b901ffeb03deea133103fcac9366e6a9bc76ac27656b738bacd83db91301
b8972bb3f2b712d05a9976ab8498761cde4b115c0ccbb9da20fac08db650cdf6
bdfe88aefb3184e36d04de930bff6d3dabb2577c9101e6030d0051ccc52686f9
c35176135ebbc7d2011cc5db9ee9b3ff68acfed018d4ff9e36497c37f194edd2
c57a3de77be0ea8d8a10fcf89756e129f4aa931a995b6160369cde91f3021bdb
c59adeb93a40b5b8958221c7bb4bffe448f1d4be9a99682953deea6b2862d948
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0
dd0585cd2b40b3c40643a015c30f476980e5b539c8911797dff9db71cd0ba980
df8ea621e8fe29a02eb4dc0e19687b7e2de769c549b32e7a87dd5fb7882662b6
edc58b2ca5d87014139e8528c6652f0aef23e2b9c98487d6933622100989d175
ef809fdf50ae5f0880643bf9491c69caca9dd0b588656a9bbf18c24ab0cdca6e
f2ec6b02a9c3047200a0e72a1ac7ae4c0d96c58d378d07ac1c18a6ad351a7f4a
f45e2fde2c7c8e57cace869e04b0b9df27f3975f537f6d26a7e7629f404c5b7a