Submitted URL: http://elek-promotion.top/
Effective URL: https://elek-promotion.top/
Submission Tags: @phish_report
Submission: On May 26 via api from FI — Scanned from FI

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 172.67.196.185, located in the United States and belonging to CLOUDFLARENET, US. The main domain is elek-promotion.top.
TLS certificate: Issued by WE1 on April 18th 2025. Valid for: 3 months.
This is the only time elek-promotion.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
14        172.67.196.185    13335  (CLOUDFLAR...)
1         172.67.142.245    13335  (CLOUDFLAR...)
2         104.17.24.14      13335  (CLOUDFLAR...)
1         142.250.185.138   15169  (GOOGLE)
9         18.245.31.84      16509  (AMAZON-02)
2         108.138.7.49      16509  (AMAZON-02)
2         52.222.214.126    16509  (AMAZON-02)
4         13.35.58.87       16509  (AMAZON-02)
2         216.58.206.67     15169  (GOOGLE)
3         52.222.214.61     16509  (AMAZON-02)
1         188.114.97.3      13335  (CLOUDFLAR...)
Total: 41 requests, 12 IPs

Requests  Apex Domain / Subdomains  Transfer
20  salesmartly.com  352 KB
      plugin-code.salesmartly.com — Cisco Umbrella Rank: 147961
      client.salesmartly.com — Cisco Umbrella Rank: 112521
      api.salesmartly.com — Cisco Umbrella Rank: 82904
      srz.salesmartly.com — Cisco Umbrella Rank: 79452
      msg.salesmartly.com — Cisco Umbrella Rank: 73361
14  elek-promotion.top  293 KB
      elek-promotion.top
2   gstatic.com  16 KB
      fonts.gstatic.com
2   cloudflare.com  2 KB
      cdnjs.cloudflare.com — Cisco Umbrella Rank: 247
1   egatewayportal.top  725 B
      egatewayportal.top
1   googleapis.com  1 KB
      fonts.googleapis.com — Cisco Umbrella Rank: 44
1   fontawesome.com  14 KB
      use.fontawesome.com — Cisco Umbrella Rank: 1224
Total: 41 requests, 7 apex domains

Requests  Domain  Requested by
14  elek-promotion.top  elek-promotion.top
9   plugin-code.salesmartly.com  elek-promotion.top, plugin-code.salesmartly.com
4   srz.salesmartly.com  plugin-code.salesmartly.com
3   msg.salesmartly.com  plugin-code.salesmartly.com
2   fonts.gstatic.com  fonts.googleapis.com
2   api.salesmartly.com  plugin-code.salesmartly.com
2   client.salesmartly.com  elek-promotion.top, plugin-code.salesmartly.com
2   cdnjs.cloudflare.com  elek-promotion.top
1   egatewayportal.top  elek-promotion.top
1   fonts.googleapis.com  elek-promotion.top
1   use.fontawesome.com  elek-promotion.top
Total: 41 requests, 11 subdomains

This site contains no links.

Subject                  Issuer               Validity                 Valid
elek-promotion.top       WE1                  2025-04-18 - 2025-07-17  3 months
use.fontawesome.com      WE1                  2025-05-04 - 2025-08-02  3 months
cdnjs.cloudflare.com     WE1                  2025-05-22 - 2025-08-20  3 months
upload.video.google.com  WE2                  2025-04-29 - 2025-07-22  3 months
*.salesmartly.com        Amazon RSA 2048 M03  2024-12-05 - 2026-01-03  a year
*.gstatic.com            WE2                  2025-04-29 - 2025-07-22  3 months
egatewayportal.top       WE1                  2025-04-18 - 2025-07-17  3 months

This page contains 2 frames:

Primary Page: https://elek-promotion.top/
Frame ID: F7737ECBBA65E12FC3AC4568E6E964DB
Requests: 25 HTTP requests in this frame

Frame: https://plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css
Frame ID: 9CB73C7AC4587B78DB96CCBC66E61A22
Requests: 16 HTTP requests in this frame

Page Title

ELEKS&CO: Expert Enterprise Software Development & Tech Consulting

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 11
IPs: 12
Countries: 3
Transfer: 679 kB
Size: 2349 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://elek-promotion.top/ HTTP 307
    https://elek-promotion.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
elek-promotion.top/
Redirect Chain
  • http://elek-promotion.top/
  • https://elek-promotion.top/
2 KB
1 KB
Document
General
Full URL
https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e7426ecf5e0f01db29bc1f5f5a599fbd276447840b779ad6192ec41e493e82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
945d3ace9d29ca3b-HAM
content-encoding
zstd
content-type
text/html
date
Mon, 26 May 2025 12:20:59 GMT
last-modified
Sat, 17 May 2025 09:49:29 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1eHahzGH9d%2BqdF%2FdhJCjEweFBXSdDQzL5TYShE2gXXlc8MC%2B3nDH9agNN3kX%2FpaFl9E7DSdP32t5WhzP%2FmH8lg%2FQQQWrKxesPnsH4I2ldTc%3D"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://elek-promotion.top/
Non-Authoritative-Reason
HttpsUpgrades
all.css
use.fontawesome.com/releases/v5.14.0/css/
58 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.14.0/css/all.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"84d8ad2b4fcdc0f0c58247e778133b3a"
age
1054862
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FZQgtTE4ESAoJS8Bhig4Ihj%2FUXOPHYEvlHvd43IqWvu8eHrgNNjAHlUFvUXNPUAvYZjN%2Bt%2F16A8aPP2hnzwDBOQyEgc%2BF5l2KxJA5PsUy3w4Ff%2FR0UPxxJwgqIjCXjLmN34%2FCxM"}],"group":"cf-nel","max_age":604800}
cf-ray
945d3ad75dcb7282-HAM
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=77850&min_rtt=52463&rtt_var=31615&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2264&delivery_rate=43845&cwnd=253&unsent_bytes=0&cid=20b440e3a29c3347&ts=215&x=0"
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:11 GMT
vary
Accept-Encoding
server
cloudflare
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
1 KB
688 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fd5-50a"
age
1023785
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjvVSwwfzuaREcA%2BORzlsERB6LaLHfDtgYPaxrjyLGOBibcGCLovC68dUR2v5OTKPnmWxJOzTxL1MS%2FfkCSTuCjmQ0h5%2F3v394EP0aMREXo32IgdmRtyTCToxEYfqm1%2FyyL%2BtuK3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 16 May 2026 12:21:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:16:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
945d3ad708a78dcb-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
382
server
cloudflare
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fd5-92d"
age
309767
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLO6wY%2FCxALehKnYuL7G26bUdCNwjjqABKXydM50MV9zoxl4unSLJ8wemOYMSPsGkD9CmwSNw8ltoKkkplC4BWqApHinAJBPA8%2Bo9%2F1j7VZvs6FK7s6y%2Bqp747wflFiLlDW%2BJ2P3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 16 May 2026 12:21:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:16:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
945d3ad708a48dcb-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
637
server
cloudflare
css2
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
1ab555f803063374ff56fc4b6bf339a3076a8b82d9c4a6c3dc1b0c52a176affd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 26 May 2025 12:21:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 26 May 2025 10:48:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-CHYXfELW.js
elek-promotion.top/assets/
604 KB
171 KB
Script
General
Full URL
https://elek-promotion.top/assets/index-CHYXfELW.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7561aabb2b816a38affa8bd099d888687d2ce8bc8014bc9c47698fb775171c9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"9705a-63551d14279fc-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DZOi9pWE3vDicq6nZiZD%2BXazld%2Bu08G%2BrFefMvw3yvlMgJMg01z50uPc3YN9uVD0jnxzvc6jdNMhtf9jpXrBuaAlwpKHn2luXr0%2FYor46%2Bo%3D"}]}
cf-ray
945d3ad39cabca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:39 GMT
server
cloudflare
vary
Accept-Encoding
index-Bm4xwFW8.css
elek-promotion.top/assets/
14 KB
3 KB
Stylesheet
General
Full URL
https://elek-promotion.top/assets/index-Bm4xwFW8.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f82ff024346e46a323aba95ede3dc0acc7f6bd9abcd490ca28d43579525079

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"3641-63551d15a18cc-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uiNxqy4UMF%2BY0HjUXEJy1fNH0jsrNSpchRmnFH4N6JENBEjGnMbGOJcwtPNmL6I8foRlpHQT1CBxYzTzkh60Crk%2FvMazRhmpo8cGqjQ03Go%3D"}]}
cf-ray
945d3ad39caaca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3027
date
Mon, 26 May 2025 12:21:00 GMT
content-type
text/css
last-modified
Sat, 17 May 2025 09:49:41 GMT
server
cloudflare
vary
Accept-Encoding
project_328447_337347_1746910101.js
plugin-code.salesmartly.com/js/
1 KB
1019 B
Script
General
Full URL
https://plugin-code.salesmartly.com/js/project_328447_337347_1746910101.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b8dba0651b65f1ffd8f3b806523dcb368e3b7a28f6003ab1ecc22ff00f76f896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

content-md5
N5vtzA5Fk7xsT1XUnBNPMA==
x-oss-storage-class
Standard
content-encoding
gzip
age
138606
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
Sb-QShPV2jIsUBuvulwPABFf-a_Bflthplp8nawN08UdJfkUAQMaSg==
date
Sat, 24 May 2025 21:50:54 GMT
x-oss-server-time
108
content-type
application/javascript
last-modified
Sat, 10 May 2025 20:48:21 GMT
vary
Accept-Encoding,Origin
x-oss-hash-crc64ecma
13310338349865387972
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
68323F3E058B0F3436F4CE05
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
install.js
plugin-code.salesmartly.com/chat/widget/code/
20 KB
7 KB
Script
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/install.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/js/project_328447_337347_1746910101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
077709723b25dd809690d0b62485227079a2eea1b4388b632c68dd1a21a1622d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

content-md5
SVBSO0/98AnxkPjv9ha5Pw==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
v2BQFdW_ZLvqhRqMWsUy9u37cK64nExWGyav0AKiNbRwaU4F9VSEdQ==
date
Fri, 23 May 2025 08:59:07 GMT
x-oss-server-time
2
content-type
application/javascript
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=600
x-oss-hash-crc64ecma
4601281829002746750
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DB3D643B333028BC71
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
chunk-common.aee94c54.css
plugin-code.salesmartly.com/chat/widget/code/css/ Frame 9CB7
3 KB
2 KB
Stylesheet
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
a623dc17ec891cc4f6cecab0ec40b2c927f73704e751b9b0bdc9014db2577b11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
7VHDdQm3yGDNqIIZ5IoxIg==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
1wu3ETZd57pq_mCOnD8mZQoLkt87sg93dL71JH_yDPS5c4Yx5t2FVQ==
date
Fri, 23 May 2025 08:59:08 GMT
x-oss-server-time
5
content-type
text/css
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
6685358742753036998
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DC3D643B3330AEC771
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
plugin.4aebfdea.css
plugin-code.salesmartly.com/chat/widget/code/css/ Frame 9CB7
72 KB
14 KB
Stylesheet
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/css/plugin.4aebfdea.css
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
acd3547abed6c333b51c036d70310b688076717515db47b3186b6f0fdfcac260

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
s+MtQ4dyCOH/5cAakGdfrw==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
mOVyIL9LV9kwOHxyI3f9-DYGJ6Oo0JrtMBFdYjCEauDo97UN7CwPxw==
date
Fri, 23 May 2025 08:59:08 GMT
x-oss-server-time
2
content-type
text/css
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
1359935324114526354
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DC58A49D3834F817D8
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
chunk-common.a2093c86.js
plugin-code.salesmartly.com/chat/widget/code/js/ Frame 9CB7
26 KB
9 KB
Script
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/js/chunk-common.a2093c86.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b78dccbebecb9baeaf340bb957cbabf9a003d460d6c830362152a371b507ff64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
sFwyr5ULaPxscnn5fT9Qmw==
x-oss-storage-class
Standard
content-encoding
gzip
age
271314
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
yw6HpkZT5Yj1JqQdjg50-5XkvhaRQrly0VdXLX4zZsaHeqji_PlzFw==
date
Fri, 23 May 2025 08:59:07 GMT
x-oss-server-time
1
content-type
application/javascript
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
7492476436288876763
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DB712292383980DE52
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
chunk-vendors.bf63bec0.js
plugin-code.salesmartly.com/chat/widget/code/js/ Frame 9CB7
226 KB
77 KB
Script
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/js/chunk-vendors.bf63bec0.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
81bd368e03fb87548bdbd9580cf5c9309e447fedf52295e4717fbb41a384ec48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Vc4S5Qim5vsaCgQlGMbq8g==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
Rk0aZIHUaFLe_Zjqc2WphQdo-PCOSVzOO8fApt7BVneNFI4U6JL7QA==
date
Fri, 23 May 2025 08:59:08 GMT
x-oss-server-time
6
content-type
application/javascript
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
11628951447286022601
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DCA87B9A3333E63C56
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
vendor1_b8775aab.js
plugin-code.salesmartly.com/chat/widget/code/js/ Frame 9CB7
220 KB
76 KB
Script
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
9b5cc937de300ae7ed821b3c25405086cd9fc0c25be5f6afc2213b06d1981408

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
TdEL+eOlXQT7AtB2+NiI/Q==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
jFAqlmlTBb9tFyAxBdtNV29TqIX6QD2Vo0orDV6GXiWUo5UUBExrww==
date
Fri, 23 May 2025 08:59:08 GMT
x-oss-server-time
19
content-type
application/javascript
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
15305004930386263030
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DC8E4DB9373507B7EC
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
ling.mp3
client.salesmartly.com/setting/sounds/
46 KB
47 KB
Media
General
Full URL
https://client.salesmartly.com/setting/sounds/ling.mp3
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

Referer
https://elek-promotion.top/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
J6b7RzocQsVXwTzS3QxevgOr1gKTyblY
etag
"1065fe976ff9e98d69772fe0f0d7b808"
age
1053754
x-cache
Hit from cloudfront
x-amz-cf-id
nPCCIjJ5WDqwiWVA0jRC9QgN-RVsKBYdSZ9ZGkYMvJgO6XBv1Hn30w==
date
Wed, 14 May 2025 07:38:29 GMT
content-type
audio/mp3
last-modified
Tue, 02 Jul 2024 06:29:42 GMT
x-amz-replication-status
REPLICA
cache-control
public, max-age=15552000
Content-Range
bytes 0-47222/47223
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
47223
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
plugin.63fb3161.js
plugin-code.salesmartly.com/chat/widget/code/js/ Frame 9CB7
306 KB
91 KB
Script
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/js/plugin.63fb3161.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d901f7a915184349d07d7e1c86061edddd7818af8d8d3fb116f8ffcbc22ac25c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-md5
YuDVq5oRzbukqaCbz4zUMg==
x-oss-storage-class
Standard
content-encoding
gzip
age
271313
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
e8ENg-rx9unwY9u41COv5t2MQmUj6ylW0L5AYSWwJDyVXxNpREbh_g==
date
Fri, 23 May 2025 08:59:08 GMT
x-oss-server-time
1
content-type
application/javascript
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Accept-Encoding,Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
11090211282061570493
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-oss-request-id
683038DC8F02F93431954E7D
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
marked.min.js
client.salesmartly.com/js/marked/v14.1.2/ Frame 9CB7
36 KB
11 KB
Script
General
Full URL
https://client.salesmartly.com/js/marked/v14.1.2/marked.min.js
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/plugin.63fb3161.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eeaba2c06a990d4602b4142cce579f4cce16fba404e6cc82c5c2f7ccb1e7bd1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

vary
accept-encoding
x-amz-replication-status
REPLICA
content-encoding
gzip
x-amz-version-id
JFBntxsrfZ64VoXBE8CHtNjr4.xFrBV4
etag
W/"4726c8d370952011c5137ee8e13eb6bb"
age
52406
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Qmd06TWai2_SR8yo8drp__TV7fBmWMhAp-0KjbY9k04XYL7Fz6TBqg==
date
Sun, 25 May 2025 21:47:43 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 06:38:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
get-plugin-info
api.salesmartly.com/sys/company/plugin/ Frame 9CB7
4 KB
4 KB
XHR
General
Full URL
https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=f391364b5e39c4cca3ba28f04ee48655&plugin_id=grmrdq&over_time=&env=chat&_=1748262061797&_lt=&_u=
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
Salesmartly /
Resource Hash
8790e543a73ad1b9ce803d93ac04c4cb8a4f5ad0f79b18b7a80e3548fb48bb88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

x-request-id
603bd654-bf25-4026-be2c-149d8b238063
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
1PgUnw9pyQQ8Oe14V90IS83tCe3qJ-dJrsX3I679K7RF9QVkIXXIzA==
date
Mon, 26 May 2025 12:21:02 GMT
content-type
application/json; charset=UTF-8
x-amz-cf-pop
FRA56-P3
server
Salesmartly
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
log
srz.salesmartly.com/client/log/ Frame 9CB7
47 B
518 B
XHR
General
Full URL
https://srz.salesmartly.com/client/log/log?plugin_sign=45ee54557ecf365f26f37a02a353c889&plugin_id=grmrdq&over_time=&env=chat&_=1748262061801&_lt=&_u=
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-87.fra60.r.cloudfront.net
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 c8ad942d9a5a20a8da22d39de4142f78.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
IohqrTwaE44KJOSAG2KD1P-JIOFNj1_SUuel_1ezOks8yS_NsczJbg==
date
Mon, 26 May 2025 12:21:02 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
log
srz.salesmartly.com/client/log/ Frame 9CB7
47 B
518 B
XHR
General
Full URL
https://srz.salesmartly.com/client/log/log?plugin_sign=baeee2719743cb400d0d84f46c17e0d6&plugin_id=grmrdq&over_time=&env=chat&_=1748262061802&_lt=&_u=
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-87.fra60.r.cloudfront.net
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 c8ad942d9a5a20a8da22d39de4142f78.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
Fvqar2ADWBiG5QSywlcApMXhTkfrYbKswD_7Z3dptu_E3uOzFwJbAg==
date
Mon, 26 May 2025 12:21:02 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
Login-CFgJ3gm0.js
elek-promotion.top/assets/
5 KB
2 KB
Script
General
Full URL
https://elek-promotion.top/assets/Login-CFgJ3gm0.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588276fd0b65dbf8a71b64ec4692430e14eb0472d97911bcd6ab663302ad6316

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
MISS
etag
"1541-63551d0fc39cd-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xVtnZcEiu1QYKl6CeKEcegSSSEpoMadJ%2F0Ebmt6unZ28jo38i%2Buj0NBTJ%2BspoUT1fE4rKOVejemaggGZX5p5twWKWfAmONZ67rFcptAaquY%3D"}]}
cf-ray
945d3adf0c78ca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1878
date
Mon, 26 May 2025 12:21:03 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:35 GMT
server
cloudflare
vary
Accept-Encoding
useLocales-DpWUXKhB.js
elek-promotion.top/assets/
318 KB
104 KB
Script
General
Full URL
https://elek-promotion.top/assets/useLocales-DpWUXKhB.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a0dbc3fe3e6ffe53d104433e60b38c255e65e95b191093b91b3207df11bb07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"4f7d2-63551d1833bef-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SWnrAHn%2B1zNvAfvKXEqBqm2R7zMju4ykib4OD6K1VLD1dGd7rAUXkyIFkLmwlUAizbMxBnevZhpVBjNODqRZJWBsFnUTuischwp96qIF4jE%3D"}]}
cf-ray
945d3adf0c79ca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:43 GMT
server
cloudflare
vary
Accept-Encoding
useLocales-cW20MRr4.css
elek-promotion.top/assets/
28 KB
3 KB
Stylesheet
General
Full URL
https://elek-promotion.top/assets/useLocales-cW20MRr4.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16a6001ebd3994e238fdea6ac97c2e86c0025d2e7b8f1b607b6c93645f8e20e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"705e-63551d198e6c0-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NvCW0UInaQZEt5pU0twlXfF%2Bc%2BM4PSwkxYeub36DgdA55B87dyGG5n3gPHc2OklcZKHqGUn4MmQZ5cIgvMR3tSnmYtXiiSoa%2Bx8ZmybGuiE%3D"}]}
cf-ray
945d3adeac0cca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2450
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/css
last-modified
Sat, 17 May 2025 09:49:45 GMT
server
cloudflare
vary
Accept-Encoding
Button-BrP17_3f.js
elek-promotion.top/assets/
493 B
591 B
Script
General
Full URL
https://elek-promotion.top/assets/Button-BrP17_3f.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c88b7f66aafdb2cb8d5b448cbdba41d9537dd1620cf9f51d6d34f23e0757081

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"1ed-63551d11d8cf6-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tDP%2F1A5PLPrxIHuKUarD3Fjnqd%2BSiGdJCmfER6cDlUTVD%2FqJOG61vc3stKNN9ALiSDK6jyg7QqajI09TM0MWccc16fm%2BcPDUthvv85LROwI%3D"}]}
cf-ray
945d3adf0c7cca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
302
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:37 GMT
server
cloudflare
vary
Accept-Encoding
styles-b13DeGmT.js
elek-promotion.top/assets/
6 KB
2 KB
Script
General
Full URL
https://elek-promotion.top/assets/styles-b13DeGmT.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed16a2fbbeccdc22eec9db4ddbeac9d41dc62337311aeef76dd295c232b7598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"19be-63551d1928dc4-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VeZJWo97L171zuejt78q3ce8J%2F%2B5%2FPesnxS30hUtFLQYsV7oECdx4CKBTLW2E5CnnSmn7iGXZldLDI94m5TBDK0XhebSrYPED%2B3p%2BhfvZHI%3D"}]}
cf-ray
945d3adf0c81ca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1264
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:44 GMT
server
cloudflare
vary
Accept-Encoding
styles-D9NMbfS9.css
elek-promotion.top/assets/
443 B
538 B
Stylesheet
General
Full URL
https://elek-promotion.top/assets/styles-D9NMbfS9.css
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15299801a29d956c6c30cc8afbebeddb3ff9e1f1b95c034140029999d29bf88d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
MISS
etag
"1bb-63551d103fa28-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KhZ1bAD4%2BQu2IH0A9jvosNZL754M0Wzm9BW7DBM00sSVGJlxGM670jDj%2F6n2P4ERjvzYhVziCkm028pmqMYmcST4o8AInocQv3trGS1t16U%3D"}]}
cf-ray
945d3adf0c7fca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
219
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/css
last-modified
Sat, 17 May 2025 09:49:35 GMT
server
cloudflare
vary
Accept-Encoding
hidepasswordicon-rqToulgd.js
elek-promotion.top/assets/
4 KB
2 KB
Script
General
Full URL
https://elek-promotion.top/assets/hidepasswordicon-rqToulgd.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0882b8e5248605c35314f5ade2d86dbfeb897995098ccceac7490e5971409195

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"ee4-63551d1a0d5fb-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=t9pA6r3PBUlLMQ5hxnBQV2n%2B34OWB6idJqEbysMrnvX0iLUopbkBqlb4cKB%2B6udQITE6tXNbxWhUJEqzWxNYE8QYKpC8ReBrCcNr8yuY7sw%3D"}]}
cf-ray
945d3adf0c82ca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1448
date
Mon, 26 May 2025 12:21:02 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:45 GMT
server
cloudflare
vary
Accept-Encoding
LogoIcon-DCFXBfBW.js
elek-promotion.top/assets/
105 B
459 B
Script
General
Full URL
https://elek-promotion.top/assets/LogoIcon-DCFXBfBW.js
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/index-CHYXfELW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b4058442dad2c9053cf87174763230f8666d0135e481deb00fc1be9607cba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"69-63551d16989e1-gzip"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fF%2Fap%2BI28A2ugDkpm6puNfxcUsaxFV4m9PFfNtLJboOC0Dkka159XrHzuayqTe3svpjwML282O%2FCWleWMrWiIFL75g10SBC7OhzGqfuOZnI%3D"}]}
cf-ray
945d3adf0c85ca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
114
date
Mon, 26 May 2025 12:21:03 GMT
content-type
text/javascript
last-modified
Sat, 17 May 2025 09:49:42 GMT
server
cloudflare
vary
Accept-Encoding
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer
https://fonts.googleapis.com/

Response headers

age
534630
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 20 May 2026 07:50:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 May 2025 07:50:32 GMT
last-modified
Wed, 23 Apr 2025 16:05:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
log
srz.salesmartly.com/client/station/ Frame 9CB7
87 B
687 B
XHR
General
Full URL
https://srz.salesmartly.com/client/station/log?plugin_sign=ef5c55b0fdc16920fa89348ebbb5f605&plugin_id=grmrdq&over_time=&env=chat&_=1748262062320&_lt=&_u=
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-87.fra60.r.cloudfront.net
Software
/ PHP/7.2.34
Resource Hash
d691b7b1cc9d109c8a4eddbff78db455d212cd388031ec278ab7f52860f1cef0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 c8ad942d9a5a20a8da22d39de4142f78.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
Yb6UY0GcvPRj7vNmgS_SlxKjGduzxApi0t7297QDEb5tetFjNhULyQ==
date
Mon, 26 May 2025 12:21:02 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
create-user
api.salesmartly.com/chat/msg-user/ Frame 9CB7
157 B
709 B
XHR
General
Full URL
https://api.salesmartly.com/chat/msg-user/create-user?plugin_sign=7c1171377a4c178ec60816bc123b5066&plugin_id=grmrdq&over_time=&env=chat&_=1748262062956&_lt=&_u=f177e8a00f6a9f27a46d764a27699cba
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
Salesmartly / PHP/7.2.34
Resource Hash
e08faf5c1a38e64ec5deb516d2a74ae6e4195ef350b069237c7b6ff8c4c8a543

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

x-request-id
f3928107-b365-47e6-b725-eade30f0b646
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
r6WR1QAomXk9xNABaNKT2KPbqCuXARFEEeYi9e5SPplkEJkyqiuYEA==
date
Mon, 26 May 2025 12:21:03 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
server
Salesmartly
x-amz-cf-pop
FRA56-P3
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token
iconfont.22b4ce3d.woff2
plugin-code.salesmartly.com/chat/widget/code/fonts/ Frame 9CB7
8 KB
9 KB
Font
General
Full URL
https://plugin-code.salesmartly.com/chat/widget/code/fonts/iconfont.22b4ce3d.woff2
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-84.fra56.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
e554352eb8145a8418f9200a315f7c06a867899e504a8b8911d42d3cf0f007cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer
https://plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.aee94c54.css

Response headers

content-md5
IrTOPfLKTKcR+2fg4SR1JQ==
access-control-max-age
600
x-oss-storage-class
Standard
etag
"22B4CE3DF2CA4CA711FB67E0E1247525"
age
12901
x-oss-object-type
Normal
access-control-allow-methods
GET, PUT, POST
x-cache
Hit from cloudfront
x-amz-cf-id
ZZE_t0ur6k0WyhaQ2Kodn2DfG5vPHfk5n5mE09jtxRKk8Bv5w4neIg==
date
Mon, 26 May 2025 08:46:04 GMT
x-oss-server-time
2
content-type
font/woff2
last-modified
Fri, 23 May 2025 08:58:38 GMT
vary
Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
8434013652891713444
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
8128
x-oss-request-id
68342A4C7732EB3632C30C96
x-amz-cf-pop
FRA56-P8
server
AliyunOSS
vite.svg
elek-promotion.top/
1 KB
835 B
Other
General
Full URL
https://elek-promotion.top/vite.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f290ef577c916ea943e54121cec4f0b1819cc792daa44dc920f21dac8c7fa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"407-63551d0b09aa2"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nsR0tdBLc07xPsiO1S51YF%2BHkab18FutOnp5lzSTgAMWaoJSffMCzslfiCmU6Tj7YP2ei4CD4m9XZvw6VpC6x89yqtZFSCfeaUZQl4%2FG%2FVI%3D"}]}
cf-ray
945d3ae66e44ca3b-HAM
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:03 GMT
content-type
image/svg+xml
last-modified
Sat, 17 May 2025 09:49:30 GMT
server
cloudflare
vary
accept-encoding
trigger
msg.salesmartly.com/chat/chat-auto/user/ Frame 9CB7
49 B
497 B
XHR
General
Full URL
https://msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=03bde3a45786c2da282c3021dde93b27&chat_user_id=3ea62f1118baf731ac12873b9acd21ff&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=grmrdq&over_time=&env=chat&_=1748262063312&_lt=03bde3a45786c2da282c3021dde93b27&_u=f177e8a00f6a9f27a46d764a27699cba
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-61.fra56.r.cloudfront.net
Software
/
Resource Hash
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
content-length
67
x-amz-cf-id
FiachIU3MAccO9a5U8OmaQuPIyUAK5l7OKrFOf3-Z7-PdiReolnhHA==
date
Mon, 26 May 2025 12:21:04 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
unread-msg-list-v2
msg.salesmartly.com/chat/chat-msg/ Frame 9CB7
66 B
514 B
XHR
General
Full URL
https://msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=03bde3a45786c2da282c3021dde93b27&chat_user_id=3ea62f1118baf731ac12873b9acd21ff&direction_type=1&plugin_id=grmrdq&over_time=&env=chat&_=1748262063312&_lt=03bde3a45786c2da282c3021dde93b27&_u=f177e8a00f6a9f27a46d764a27699cba
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-61.fra56.r.cloudfront.net
Software
/
Resource Hash
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c

Request headers

external-sign
b4bbd6ae1f5f8ef04f2e760860455959
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
content-length
82
x-amz-cf-id
vaV8mRyPUu1zjVxNeDKVFY4BHOTEv3irOtZYWxJjDovYQXkl8FL6Vw==
date
Mon, 26 May 2025 12:21:04 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
unread-msg-list-v2
msg.salesmartly.com/chat/chat-msg/ Frame
0
0
Preflight
General
Full URL
https://msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=03bde3a45786c2da282c3021dde93b27&chat_user_id=3ea62f1118baf731ac12873b9acd21ff&direction_type=1&plugin_id=grmrdq&over_time=&env=chat&_=1748262063312&_lt=03bde3a45786c2da282c3021dde93b27&_u=f177e8a00f6a9f27a46d764a27699cba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-61.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
external-sign
Access-Control-Request-Method
GET
Origin
https://elek-promotion.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept,External-Sign
access-control-allow-origin
https://elek-promotion.top
content-length
0
content-type
text/html
date
Mon, 26 May 2025 12:21:04 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-id
pFWNRZRezTFKnXeZ8BZ1KhCUE3dsqEBm2l95IxChhNe7DzXcnHAboA==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
log
srz.salesmartly.com/client/station/ Frame 9CB7
87 B
559 B
XHR
General
Full URL
https://srz.salesmartly.com/client/station/log?plugin_sign=2341a3a988f1b5d88e5064a80963f47c&plugin_id=grmrdq&over_time=&env=chat&_=1748262063813&_lt=03bde3a45786c2da282c3021dde93b27&_u=f177e8a00f6a9f27a46d764a27699cba
Requested by
Host: plugin-code.salesmartly.com
URL: https://plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-87.fra60.r.cloudfront.net
Software
/ PHP/7.2.34
Resource Hash
d691b7b1cc9d109c8a4eddbff78db455d212cd388031ec278ab7f52860f1cef0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 c8ad942d9a5a20a8da22d39de4142f78.cloudfront.net (CloudFront)
access-control-allow-origin
https://elek-promotion.top
x-cache
Miss from cloudfront
x-amz-cf-id
C69vMXbUB3wCR-0YszoyX0CIrOC55O5qoOsYolZX9ErMg_ypAC69gQ==
date
Mon, 26 May 2025 12:21:04 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
FRA60-P10
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
LogoIcon-BHx5DR9l.svg
elek-promotion.top/assets/
9 KB
4 KB
Image
General
Full URL
https://elek-promotion.top/assets/LogoIcon-BHx5DR9l.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53f7c4dce872f6fa324a7e6d8772bda3165c7b8bfef3ceaeda67deb577d25de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"2597-63551d12c716b"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hL9MyvIgEZGn8SHTkqRayHQ8EsNr9XQ5RJTavjjqg33fXQYAvwiFKTS%2FJj78i3CWOR16ocIarju%2FAe2P72sGYOob6kmtVQmrGh60eu0oARQ%3D"}]}
cf-ray
945d3aee598eca3b-HAM
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:04 GMT
content-type
image/svg+xml
last-modified
Sat, 17 May 2025 09:49:38 GMT
server
cloudflare
vary
accept-encoding
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dea184027086ca5bbaf6a3e6dbf6e41b28fb39f0f1e0bc9487d1bbf88373da0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
postUserInfo
egatewayportal.top/Fetch/
54 B
725 B
Fetch
General
Full URL
https://egatewayportal.top/Fetch/postUserInfo
Requested by
Host: elek-promotion.top
URL: https://elek-promotion.top/assets/useLocales-DpWUXKhB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0121a42590e475156ec2c12e68b7814d0f2111463735a0436e25b542b354fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://elek-promotion.top/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
no-store, no-cache, must-revalidate
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2AlkJcLvS6ncoPnx2mOQbeoQHNXTUxrBLVXY8tpHSW%2BjdeXHw454%2Bt%2BSeDUyZKJNNM2ZXe%2BOHjCwN4VIGcFuNd%2FOUMsOeGqeS2Wn8vacPC8%3D"}]}
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
cf-ray
945d3af18d1aca4c-HAM
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 12:21:05 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
access-control-allow-headers
origin, x-requested-with, content-type
AccessBackground-BWlBkp70.jpg
elek-promotion.top/assets/
290 KB
0
Image
General
Full URL
https://elek-promotion.top/assets/AccessBackground-BWlBkp70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://elek-promotion.top/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status
MISS
etag
"65ae5-63551d0f44a93"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6F%2FWNe8Hav%2ByrWrYDHegHTPxj2uC%2Ba0u2NN%2FBb5bpvBQKiorisW0%2FOZB8MCDS8MLriU6yYlsRpW62seq2HD76F569jqqq%2Bwnpk6aocNKYnE%3D"}]}
cf-ray
945d3af6ccfaca3b-HAM
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
416485
date
Mon, 26 May 2025 12:21:06 GMT
content-type
image/jpeg
last-modified
Sat, 17 May 2025 09:49:34 GMT
server
cloudflare
vary
accept-encoding
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://elek-promotion.top
Referer
https://fonts.googleapis.com/

Response headers

age
258731
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 12:28:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 12:28:54 GMT
last-modified
Wed, 23 Apr 2025 16:07:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe


8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| __ssc
function| ssq
object| install_ss_chat_plugin
object| ssmEvent
string| __reactRouterVersion
number| 2f1acc6c3a606b082e5eef5e54414ffb

2 Cookies

Domain/Path Name / Value
.salesmartly.com/ Name: ss_uid
Value: f177e8a00f6a9f27a46d764a27699cba
elek-promotion.top/ Name: _ss_s_uid
Value: f177e8a00f6a9f27a46d764a27699cba

2 Console Messages

Source Level URL
Text
intervention info URL: about:blank
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://plugin-code.salesmartly.com/chat/widget/code/fonts/iconfont.22b4ce3d.woff2
recommendation verbose URL: https://elek-promotion.top/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
