urlscan.io logo urlscan.io
SecurityTrails logo

uu11122.com Open in urlscan Pro
188.114.97.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://uu11122.com/
Effective URL: https://uu11122.com/
Submission: On June 10 via manual from PH — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 48 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is uu11122.com.
TLS certificate: Issued by WE1 on June 8th 2024. Valid for: 3 months.
This is the only time uu11122.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 17 188.114.97.3 13335 (CLOUDFLAR...)
11 2600:9000:26e... 16509 (AMAZON-02)
2 14.215.183.79 4134 (CHINANET-...)
13 188.114.96.3 13335 (CLOUDFLAR...)
3 2600:9000:244... 16509 (AMAZON-02)
1 2600:9000:275... 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
48 7
17    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
uu11122.com
11    2600:9000:26e8:ac00:1e:4a65:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.salesmartly.com
2    14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
13    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
abc.xx1oobtc.com
3    2600:9000:2449:d200:f:6577:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.salesmartly.com
1    2600:9000:275d:4800:16:41f9:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
srz.salesmartly.com
2    2600:9000:223d:2a00:16:9386:7d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
msg.salesmartly.com
Apex Domain
Subdomains		 Transfer
17 salesmartly.com
assets.salesmartly.com — Cisco Umbrella Rank: 116478
api.salesmartly.com — Cisco Umbrella Rank: 112742
srz.salesmartly.com — Cisco Umbrella Rank: 125594
msg.salesmartly.com — Cisco Umbrella Rank: 101640
299 KB
17 uu11122.com
uu11122.com
829 KB
13 xx1oobtc.com
abc.xx1oobtc.com
1 MB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10409
12 KB
48 4
Domain Requested by
17 uu11122.com 1 redirects uu11122.com
13 abc.xx1oobtc.com uu11122.com
11 assets.salesmartly.com uu11122.com
assets.salesmartly.com
3 api.salesmartly.com assets.salesmartly.com
2 msg.salesmartly.com assets.salesmartly.com
2 hm.baidu.com uu11122.com
1 srz.salesmartly.com assets.salesmartly.com
48 7

This site contains no links.

Subject Issuer Validity Valid
uu11122.com
WE1		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.salesmartly.com
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
xx1oobtc.com
GTS CA 1P5		 2024-05-29 -
2024-08-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://uu11122.com/
Frame ID: 123994D4C8000186979975A846ED5032
Requests: 34 HTTP requests in this frame

Frame: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Frame ID: 13DEEC8C776786BCB6BEA5F125874F62
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

USDT

Page URL History Show full URLs

  1. http://uu11122.com/ HTTP 307
    https://uu11122.com/ Page URL
  2. https://uu11122.com/cdn-cgi/phish-bypass?atok=yXS9H57M_zCFrByZ_ULGjKF410QXes.1BRwXWpd7Ta0-171801... HTTP 301
    https://uu11122.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

48
Requests

100 %
HTTPS

57 %
IPv6

4
Domains

7
Subdomains

7
IPs

3
Countries

2342 kB
Transfer

3878 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uu11122.com/ HTTP 307
    https://uu11122.com/ Page URL
  2. https://uu11122.com/cdn-cgi/phish-bypass?atok=yXS9H57M_zCFrByZ_ULGjKF410QXes.1BRwXWpd7Ta0-1718012379-0.0.1.1-%2F HTTP 301
    https://uu11122.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://uu11122.com/ HTTP 307
  • https://uu11122.com/

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
uu11122.com/
Redirect Chain
  • http://uu11122.com/
  • https://uu11122.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2792a22a47298cab01b7af9d7f9c96bfda0e32985a46d150cff0c84c892fe325
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cf-ray
8918653c3a929b1f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 09:39:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pOf2TjX4hH061iO%2F7ewWiM7GGEvVkjCFQyxsfIhhIq%2BB8ubeCypFVM9vGQI%2FSCqBINFfv9KbyMSM2DcBWLFAzOmkCaRJ54gmZLbTMiXrC2OxQORk8IzQNwBSn7bZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://uu11122.com/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
uu11122.com/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 12:26:34 GMT
server
cloudflare
etag
W/"665f07fa-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8918653ccb459b1f-FRA
expires
Mon, 10 Jun 2024 11:39:39 GMT
icon-exclamation.png
uu11122.com/cdn-cgi/images/ 		452 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uu11122.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: uu11122.com
URL: https://uu11122.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/cdn-cgi/styles/cf.errors.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 12:26:34 GMT
server
cloudflare
etag
"665f07fa-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8918653d3bea9b1f-FRA
content-length
452
expires
Mon, 10 Jun 2024 11:39:39 GMT
favicon.ico
uu11122.com/ 		17 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06453893f4f7146b7e923ee7d886e0f234f4b0fcbe4f9a01d5748411cd4a926

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-423e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJIeMpoCufkFXTvQ6QQ2ZRAc%2BZMLZBk7lt3yen1D3oogHNkNyci1B6pRJ6fj4yDdyvFwOPDN%2FxBsh2eOaemV7T6S0bWRdWQ7XX0JRa5070rtYVIiBj26BTvhf144%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=120
cf-ray
8918653ddcb29b1f-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
uu11122.com/
Redirect Chain
  • https://uu11122.com/cdn-cgi/phish-bypass?atok=yXS9H57M_zCFrByZ_ULGjKF410QXes.1BRwXWpd7Ta0-1718012379-0.0.1.1-%2F
  • https://uu11122.com/
914 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da32641149e937ee37630c08f17cedd652df80e4fd76b2e297eec217a3de1c3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://uu11122.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89186556fed09b1f-FRA
content-encoding
br
content-type
text/html
date
Mon, 10 Jun 2024 09:39:43 GMT
last-modified
Mon, 04 Dec 2023 12:52:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwKJKsvJXHtGbaO0OoKcblOTLmX6dsl6c%2BDnxkPMTtZRGxTfau1jRZK7sKIvLx0DQDtNVRF9hAjxRO73ZhSWfmsL56AYHMvbi29AwVint5NkJKppJdYwX8e%2BtOQbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
private, no-cache
cf-ray
89186556dea89b1f-FRA
content-length
167
content-type
text/html
date
Mon, 10 Jun 2024 09:39:43 GMT
location
https://uu11122.com/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
chunk-vendors.b5e7c18d.js
uu11122.com/js/ 		884 KB
270 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/js/chunk-vendors.b5e7c18d.js
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec0f842c4df343f48a067d0214caba2c6c1dd9ffc3b57949bd713cf14e1594f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-dcf1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xHBh5QPwxFOYGqr9ehIbtwdbAf60woVZLXlcft%2FmyuGzEj2jhnCwLrAeT8eJAN7NxmoPUC8dRbXB4%2BgW%2FsMfSANJMh5KwnUDhW1QSPtYWXW2YAzn%2BA7UOavgEZfUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
891865576f389b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:43 GMT
app.082e9d49.js
uu11122.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/js/app.082e9d49.js
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875d293b0b6008dfb631c8392392053f29902b9817c07ec34a682c5ba03274a7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-6ff9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yy0hT4j0C55Z34UtowDYd%2B9XVNj4IFy63DgpTwvjwUgr5obF1qVmM4DTPw%2FNQnVqCfeZo1ilPkn7rP90D1BbXlGnFWGgjOrht0%2BQNRY4AU9USJSts0pQOT9rVsA8QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
891865576f3a9b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:43 GMT
chunk-vendors.e7270478.css
uu11122.com/css/ 		206 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/css/chunk-vendors.e7270478.css
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
983003266b29799d23ff86bb962dad86362d73ff0ac1a8bcbc2f37cc7f72a10c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-33730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTSfveGkMGkyh6cw5soSPEpUA%2BMNYkkWOCPxaUenP%2B6JO1MwEWhWLQNwCo3QjD9D4WBXEtqb0xnuoyu8cHCG8jVRI2ySBOy5k92gFD4xbIqTJeZxkFjeNzDtGpXXWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
891865576f3d9b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:43 GMT
app.72879277.css
uu11122.com/css/ 		24 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/css/app.72879277.css
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49d40e67f380dac17cf98938f4efe184d5003b7baa31873102e3cfb013854ae

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-5f65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBZV%2BLYz2yG7Yx4cyC8WN8ibb0hZtrzGjxI%2FfPBO49QA8Wc5DAbmyX1aHv%2BMUsGTZU1n7OxEvCLgxhW8Qho5I%2B4eUkGrh8JDcYdZalcjrY5HOpkw76TNSex1I%2FH08A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
891865576f3f9b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:43 GMT
project_32991_34349_1701694252.js
assets.salesmartly.com/js/ 		670 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/js/project_32991_34349_1701694252.js
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8cde188f4358d74fc7c63923b595196d231817fc32511140b8f40905bbcb91f3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 08:26:54 GMT
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665EC8A970888B393493589B
content-md5
xjbai+uVsjiQHIsK7TzoyA==
x-amz-cf-pop
FRA56-P10
age
4909
x-cache
Hit from cloudfront
content-length
670
x-oss-object-type
Normal
last-modified
Mon, 04 Dec 2023 12:50:52 GMT
server
AliyunOSS
etag
"C636DA8BEB95B238901C8B0AED3CE8C8"
vary
Accept-Encoding, Origin
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6859029094493740752
x-amz-cf-id
1JyXaAlk9lDsvnwX9MmdAj38TJNQsVznDNSrpHtBeLiBakn-FZhYgg==
x-oss-server-time
15
tongji.js
uu11122.com/ 		258 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/tongji.js
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66861794b3f12621ce22bba9705b0aa914581eabed027a40f1d2011a73c7559

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 28 Dec 2023 13:27:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658d77ca-102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AD5NZ%2B7KqVEQQsDMLHIg8r74gGQqkdMWteg0ZGgq%2FRYAx9f%2BsqW%2BKX4qcXHB6VRWYZF%2BT4bYB9pDwMJigrhxA4QBAPxo2nQQJJ3RPBFQXVDHnE1zxN4tRd29vgZssA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
891865576f419b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:43 GMT
install.js
assets.salesmartly.com/chat/widget/code/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/install.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/js/project_32991_34349_1701694252.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
91966c601a0e0dbd8e85fed3403c003b05bf76e5b153c087ed5f578c958ac3f3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:35:04 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
6666B3BA43F9F8303175BF11
content-md5
iGuRsYSly4wfsMQgBDJ50A==
x-amz-cf-pop
FRA56-P10
age
280
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
etag
"886B91B184A5CB8C1FB0C420043279D0"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=600
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15888926401503302603
x-amz-cf-id
Xsq9ZLdrnczfafVyS83zDWFmb0QPDNenn6wkYURZNkm6tTeKs9PXZQ==
x-oss-server-time
4
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?6459230b3159aaf0ff3c3bc308bd3cda
Requested by
Host: uu11122.com
URL: https://uu11122.com/tongji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
8eb137b6406d5f322db8b96f2d2e0ba0591af478326fc0fb9be17273f48dac30
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 10 Jun 2024 09:39:46 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
aa317fdce211c58a2802f102846026b0
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
about.2fd1f7ec.css
uu11122.com/css/ 		37 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/css/about.2fd1f7ec.css
Requested by
Host: uu11122.com
URL: https://uu11122.com/js/app.082e9d49.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff63931efe189b4e7e9b729661f2fa287fdefcd266affb2d348fdfe1c8984f05

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-9245"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qaeUGLzDyEdSUVgIJo3CQvmgOCD%2FzdapleDAtzKEQM6jpe6N2DYktZYrz0AcvJ2xOmiSFc6L1E0JpdeY0ThWSC2Kmnz0A69XOst2ixbICcob5V6SCucalXzohu3SIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
89186558c8aa9b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:44 GMT
about.95cf6e2f.js
uu11122.com/js/ 		128 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/js/about.95cf6e2f.js
Requested by
Host: uu11122.com
URL: https://uu11122.com/js/app.082e9d49.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2215f5abb44134264f0e3ea4650a423c77cb930d48426052e731979725d0546a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 11 Jun 2023 04:22:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64854bf3-2011e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4s0ZLxs5ZYuDehmEeSHi1R7lRs5vm%2Bh9J5zgJY9Kbm7KfD6RXO276R5H0bWY31CXibbim7erIHUb0e%2BtGv1HOjxm2CxrBli%2BHVTlyXB%2BopfiMnk53Xbw6J3S4DYoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
89186558c8ad9b1f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Jun 2024 21:39:44 GMT
chunk-common.fcd1043f.css
assets.salesmartly.com/chat/widget/code/css/ Frame 13DE 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A9CB36F931357FFE99
content-md5
8YlATqQpIwDAs7wjbQrI7Q==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16491430429095914100
x-amz-cf-id
hpvEQkxxmP6AKDNmgXiOBLciMsadevcRN0IgeQxrFXffaPEtHOUE4w==
x-oss-server-time
61
plugin.4522191d.css
assets.salesmartly.com/chat/widget/code/css/ Frame 13DE 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/css/plugin.4522191d.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ab8f66bd40007eba11982a1b5bc12b65c42c8465ad4459a5cac82768b54b0512

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A981BDAB39378907E3
content-md5
5j3EyDue2VV78D5VOeBixw==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8117214699022506078
x-amz-cf-id
oTHtC5IMQ35QBbRFWwgVdVLbgJgN_qIU367PMbPv5kseg1RJB7k-Vw==
x-oss-server-time
3
chunk-common.fb4a123b.js
assets.salesmartly.com/chat/widget/code/js/ Frame 13DE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-common.fb4a123b.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
147d352a1d538006bd5c1e3024382e0c3efbe97a4d1fa1a20a759e648b025f67

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A999AE823237D34FBB
content-md5
D1dx9dBez+06Or7V1V/qDg==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4577699579337947799
x-amz-cf-id
hp0pWB1r3MRaqV2J7lmls5PMVfNFkm4RUatLC19Mbza7fO95sp4ijw==
x-oss-server-time
1
chunk-vendors.0877c208.js
assets.salesmartly.com/chat/widget/code/js/ Frame 13DE 		179 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-vendors.0877c208.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A94562B73230C8298F
content-md5
ST8+i9YFm7sXjYsqRD8X5g==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
687972137012933462
x-amz-cf-id
D2c8iDRWLlIJL0_qK-_9WpUfRq1t0QOsoWBcQJ2RBJdUjzeE95-cjQ==
x-oss-server-time
1
vendor1_fd8e7641.js
assets.salesmartly.com/chat/widget/code/js/ Frame 13DE 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A97C0F42393346579E
content-md5
YOHCRGf6GIUU2shKUsykFw==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9671956606219813729
x-amz-cf-id
5JpvxNoUpa-hqNYvZ_9_QO-cbUprp_ah8zzG1ToCniwSOUMfXfh40A==
x-oss-server-time
2
ling.mp3
assets.salesmartly.com/sounds/ 		46 KB
47 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/sounds/ling.mp3
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://uu11122.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A9AA0DCC3037AA4AF2
content-md5
EGX+l2/56Y1pdy/g8Ne4CA==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
Content-Range
bytes 0-47222/47223
Content-Length
47223
x-oss-object-type
Normal
last-modified
Thu, 11 Jan 2024 09:22:49 GMT
server
AliyunOSS
etag
"1065FE976FF9E98D69772FE0F0D7B808"
vary
Origin
content-type
audio/mpeg
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11462808412005883106
x-amz-cf-id
Ikt_gF8OCPxpEb4mAaF9uIBCp-Z5Cz0dPNVWUmaeDJtflH-pl9-gHQ==
x-oss-server-time
1
logo.b33aafea.png
uu11122.com/img/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uu11122.com/img/logo.b33aafea.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc14fe73266a2c6ccb5bef16d4382b53dc09b419dc8038e408a2fba3f321d5b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63b04c8e-2458d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ucx59Q8tloMEFi96VGliSmSiwHCiEkCY%2B8OWxoYBPzbb8NcGvCZ4VafhF2tvI7Skm63XbWjAoL%2FNwmBKDBtu%2FKHu3%2BgBXtLyAveCbb7H9Wzt2TePcqDypOgllyjoTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655969a29b1f-FRA
alt-svc
h3=":443"; ma=86400
content-length
148877
expires
Wed, 10 Jul 2024 09:39:44 GMT
getSlideList
abc.xx1oobtc.com/api/index/ 		878 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://abc.xx1oobtc.com/api/index/getSlideList?lang=en
Requested by
Host: uu11122.com
URL: https://uu11122.com/js/about.95cf6e2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2439c2e9163c78c5dcff13b0b61f1b3e816dc3e53a1cf2291d9d96372678c805

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eb%2B9hupc9Brz46A2VAhMnqb9qw0WPqBsvbM9hJMxL%2F6v6oOmW6MQ92Yx0q9Atk8s3CnWujey%2F8PdH8C1r%2BWPU01BuID03e342Hkf2TaTvvnHSMEE9co1ytjyzuz%2FhB9UANve"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uu11122.com
access-control-allow-credentials
true
cf-ray
89186559b9f2368b-FRA
alt-svc
h3=":443"; ma=86400
getHome
abc.xx1oobtc.com/api/index/ 		56 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://abc.xx1oobtc.com/api/index/getHome?lang=en
Requested by
Host: uu11122.com
URL: https://uu11122.com/js/about.95cf6e2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a82ac41c1d23638f99934874e19dc306e858a9db1782b4c8b6f28132d66f3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbfmNjQ7U72ZOZq%2BRhegyluV6AbqgrVuLDM6CNZPDSBqnfCvrhO6xpmHVl2cbNOocQaojlxxZDeFHKRwTGI4A9UxmrqgLXz2D5EKoj1Nmfpe9xWf72V5RsSSA%2FAvyjQJH7Wt"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uu11122.com
access-control-allow-credentials
true
cf-ray
89186559b9eb368b-FRA
alt-svc
h3=":443"; ma=86400
index
abc.xx1oobtc.com/api/index/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://abc.xx1oobtc.com/api/index/index?lang=en
Requested by
Host: uu11122.com
URL: https://uu11122.com/js/about.95cf6e2f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b6743f707c657927935439f60e42563a3ffe6552521a7eb1a0214bf784fa42

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtNtSO97uiwuZ8Qw1uDXfy7J5QXJyZJOWZet2q7EgD%2BjaAtB2gtWHAw9SUMhPd%2Bti%2BPffNDuZo06Q3fBuZVtjmFx52WkfmZLyn7DDYhEwUBYXruNj6PKIDRVoFGE9rEGYZ%2Bd"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uu11122.com
access-control-allow-credentials
true
cf-ray
89186559b9f5368b-FRA
alt-svc
h3=":443"; ma=86400
homebg.696619f2.jpeg
uu11122.com/img/ 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uu11122.com/img/homebg.696619f2.jpeg
Requested by
Host: uu11122.com
URL: https://uu11122.com/css/about.2fd1f7ec.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c61f39ca45ef97c737b0e2107b93a803854c8c25c0f5f0a4d73227e62c2705

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/css/about.2fd1f7ec.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63b04c8e-40976"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRk47m0gQKGvdTxxIBpoRQpoPZKFT9v7wFT21P0wQN9G23rGKoC5gwi5%2F1JNmzNnEHMnmCJy5EXFnCkgHKnDx5CASx5IEh3%2F33gxKJUpiXDqhh9TtbmzBFWYHHksVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655979b99b1f-FRA
alt-svc
h3=":443"; ma=86400
content-length
264566
expires
Wed, 10 Jul 2024 09:39:44 GMT
element-icons.ff18efd1.woff
uu11122.com/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/fonts/element-icons.ff18efd1.woff
Requested by
Host: uu11122.com
URL: https://uu11122.com/css/chunk-vendors.e7270478.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/css/chunk-vendors.e7270478.css
Origin
https://uu11122.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63b04c8e-6e28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0K6vcY6Gr9jsHQoWE3qHJdE4W%2BuCZcNKriEK%2FRHLwK9Ccw9SxqcUDpAQj0VqMXkg697wqlHPgCg7F7KKyc0EKV0hEA5hFCPIAqX3%2BSd%2BzpvrslnDrfUGC1kT7cNWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8918655979c89b1f-FRA
alt-svc
h3=":443"; ma=86400
content-length
28200
plugin.5f809ae2.js
assets.salesmartly.com/chat/widget/code/js/ Frame 13DE 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/plugin.5f809ae2.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
90796cbf7583a767fb490301384cec1913ac9c2ca88abedd21758c55b02527de

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:48 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E86A8ABE9A53937187AC0
content-md5
iNnZ25aPaf9CeEbV4ANOWw==
x-amz-cf-pop
FRA56-P10
age
541496
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3851854200303973571
x-amz-cf-id
Ha9QS2gKhEyA7slQB4svZ3XfW69b-RSNgk_k4aQm0_cyjExXdLaHiw==
x-oss-server-time
1
import-lang-nl.eeae1895.js
assets.salesmartly.com/chat/widget/code/js/ Frame 13DE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/import-lang-nl.eeae1895.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.5f809ae2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
efee60c9da7d4bd7e8ee00bcd41d7d53976cf06ab298c46a47b92941a8853f0e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:18:55 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
x-oss-request-id
665E879FF397E235354DF991
content-md5
Jhg1yj11THTSGn0dMwKFhQ==
x-amz-cf-pop
FRA56-P10
age
541249
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7683809853891171563
x-amz-cf-id
mQj0ukIlrTInrx0ucwZ9BOKDtOU-bebtBJ5hi3zmYItZcMNd8Yhr6Q==
x-oss-server-time
32
get-plugin-info
api.salesmartly.com/sys/company/plugin/ Frame 13DE 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=0f2d9ece8b88517a01f42b7653a2c7b3&plugin_id=fs8lcl&over_time=&env=chat&_=1718012384296&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:d200:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
e6f412f0d73a9818e239d615cb155a034bc04266dd58bbb40b4ce4e2742b884b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
via
1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
x-powered-by
PHP/7.2.34
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://uu11122.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id
daxRy55MRtMTfH41pd2QZD-OwUkBtGIqe99eXimNvZDtm8Lqwsflww==
log
srz.salesmartly.com/client/log/ Frame 13DE 		47 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://srz.salesmartly.com/client/log/log?plugin_sign=bdb6358f8aede5ef1eb8c53f67b7d11d&plugin_id=fs8lcl&over_time=&env=chat&_=1718012384301&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:4800:16:41f9:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
x-powered-by
PHP/7.2.34
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://uu11122.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id
NmMxrC1Nea8XLld__ctzSPdqQ4kewJNjy8V1b-a2_poRhhgnj7zF5g==
iconfont.15dabac4.woff2
assets.salesmartly.com/chat/widget/code/fonts/ Frame 13DE 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.15dabac4.woff2
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ac00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f2ec6b02a9c3047200a0e72a1ac7ae4c0d96c58d378d07ac1c18a6ad351a7f4a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Origin
https://uu11122.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 03:14:49 GMT
via
1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
x-oss-request-id
665E86A91E3C923732D13887
content-md5
Fdq6xBz75pV3YXUhS0iecQ==
x-amz-cf-pop
FRA56-P10
age
541495
x-cache
Hit from cloudfront
content-length
7544
x-oss-object-type
Normal
last-modified
Mon, 03 Jun 2024 08:13:55 GMT
server
AliyunOSS
etag
"15DABAC41CFBE695776175214B489E71"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9807860922094880266
x-amz-cf-id
1aVkY7QRBPITjM_sZuDU-IURSqtVaKfU6LAcoSSWX3Gzleh1GyPn1Q==
x-oss-server-time
2
create-user
api.salesmartly.com/chat/msg-user/ Frame 13DE 		157 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.salesmartly.com/chat/msg-user/create-user?plugin_sign=2eaf06de11d304d362ccc4d5556e1d67&plugin_id=fs8lcl&over_time=&env=chat&_=1718012384661&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:d200:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
eedad483fedf38962b847f0d95eddb2801b69b079771b06af84687b5be522e13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
via
1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
x-powered-by
PHP/7.2.34
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://uu11122.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id
Mj-PW_KnObiXtianczDcg2ehWSQ0tg01o7HMRM5v4rB0QIPHK5RwMw==
4afcfcfb5b9bec7f755d8d802e886018.jpeg
abc.xx1oobtc.com/uploads/20221106/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221106/4afcfcfb5b9bec7f755d8d802e886018.jpeg
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db9f795603f0c5184f5963ff09e04cbfce80c2bd8ca72034f3a753e6029b633b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
167339
last-modified
Wed, 19 Apr 2023 10:01:22 GMT
server
cloudflare
etag
"643fbbf2-28dab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrIe8rlPrWY7du8ouMmFiUoEs818%2F6pYFP%2F3jZgcr5AoeOHT07NGgkur9JEkmdlKoXwVKprnACZA1SV8aGVPDvW5J969KSrQd2kljPhQV4O9gPfjH45Mtwl%2FsgWc3btETI3f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655d2a6b3689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
e7a6ce3ad380a5dd9f7cc64241e11448.jpg
abc.xx1oobtc.com/uploads/20230420/ 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20230420/e7a6ce3ad380a5dd9f7cc64241e11448.jpg
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690d05f6681f1a920f37060c94c3b7de0ac48f71c6da47d9626fcda9cf8877b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
204350
last-modified
Thu, 20 Apr 2023 07:45:47 GMT
server
cloudflare
etag
"6440edab-31e3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bS3M7fzJgwkMKlZZ663wtZGh1XS9OglxHqC8kV9a1Fj9aQOld4%2BD9QZhz91h1Y2BCHnzx0DbUO4XJ3csmAadyeVQ7ME7iE16WrZWd300WJa9ObkeCV8aWMm8cNGbeXcxSikI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655d2a693689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
bd83779d7816b8107ecab6e16efcebf5.jpg
abc.xx1oobtc.com/uploads/20230613/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20230613/bd83779d7816b8107ecab6e16efcebf5.jpg
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7695c647f40e1a58bd00fd72c0e0eb2d5d0f1e55b81e7a5e7873dcc47a2f29

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
183006
last-modified
Tue, 13 Jun 2023 09:34:56 GMT
server
cloudflare
etag
"64883840-2cade"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpK0KqTvYoiOi53RciflL2TKHs39FEJJD%2FlsCXA3s6pYEzQF2S7%2BhfQk9ctgHJtDMtrKl1ttdELzEe8aC92UqS69MD%2FzLCYJjA8wDGG5stxdmIsPkn9mB8B4ZrULQYZWQPG%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655d2a633689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
028d4881903a5f5c3a6f189fc9523662.png
abc.xx1oobtc.com/uploads/20230821/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20230821/028d4881903a5f5c3a6f189fc9523662.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a225b145655b16c287d94445db5d92be4d9922901ea0a03b6989a8e111d6f4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
275529
last-modified
Mon, 21 Aug 2023 07:55:30 GMT
server
cloudflare
etag
"64e31872-43449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpX0Dk57krI9UdQ5Cv4o8I2aIe7Xz28CGLaVNdzG009kBaCYSl%2FkTv8QX8GAVGQk1HqoT6THba5ra%2F4YJPwRv31x8FqCM7oTMWaHRFO0HohR4OrXFWhtD%2FwxzM6NPpSvuNIu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655d2a5e3689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
en.png
abc.xx1oobtc.com/lang/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/lang/en.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8acf63a20b39a22ba0af9aefd83e0e9db962cd6dfd30356e5f782524934fb2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
692193
alt-svc
h3=":443"; ma=86400
content-length
21720
last-modified
Wed, 02 Nov 2022 14:06:24 GMT
server
cloudflare
etag
"63627960-54d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tdOHEq60VmGHrdH7%2FXK7A19KOkn2l%2BrFUvxuP2Z%2FHEv0%2Fts0OrZ2k4lPURo%2FdTdj3XT%2BkTsHrBJCuXxMXrB5qyg%2BNOPexpEf85VHMCy4VIBCVVrPcT2m5oMx9m8F%2BnBlc5F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8918655e2bf73689-FRA
expires
Tue, 02 Jul 2024 09:23:12 GMT
trigger
msg.salesmartly.com/chat/chat-auto/user/ Frame 13DE 		49 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=475e6ac0a8863457a43c66ab6d6b895a&chat_user_id=a8283bd692d9463cfda15413070d7232&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=fs8lcl&over_time=&env=chat&_=1718012385179&_lt=475e6ac0a8863457a43c66ab6d6b895a&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
content-encoding
gzip
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://uu11122.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length
67
x-amz-cf-id
dPT3ZzWV3_42nEdFKuWiMZa0BU7y4PrsP0MnhUYCw6LGQuMReExWtw==
unread-msg-list
msg.salesmartly.com/chat/chat-msg/ Frame 13DE 		66 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msg.salesmartly.com/chat/chat-msg/unread-msg-list?login_token=475e6ac0a8863457a43c66ab6d6b895a&chat_user_id=a8283bd692d9463cfda15413070d7232&plugin_id=fs8lcl&over_time=&env=chat&_=1718012385179&_lt=475e6ac0a8863457a43c66ab6d6b895a&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
content-encoding
gzip
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://uu11122.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length
82
x-amz-cf-id
ayFtxRWUbEDBTS_Hkb04klrEFoPe2MLpcs6YbCPEggJDzGVxW97JfQ==
8e61b705ea52802378b95f58bcf28689.png
abc.xx1oobtc.com/uploads/20221107/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221107/8e61b705ea52802378b95f58bcf28689.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595ec6c57372a739a391629914e81e14179f45bacded0c7ff7b070b4e0ec4c17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
47329
last-modified
Mon, 07 Nov 2022 15:57:34 GMT
server
cloudflare
etag
"63692aee-b8e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyTWe7cVkoMYqTLc65ub%2FD7FdMxOiUysdu7OVAQypgJoaI1K5loBgZZ7og2sVbBu9ZqS5tWKn0jqOdR5NtwmududftaekHxrLR42VMn0yKupNQKtV4Mk8sUidINDWaAGn2tQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
891865601f0b3689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
8e61b705ea52802378b95f58bcf28689.png
abc.xx1oobtc.com/uploads/20221027/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221027/8e61b705ea52802378b95f58bcf28689.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595ec6c57372a739a391629914e81e14179f45bacded0c7ff7b070b4e0ec4c17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
47329
last-modified
Thu, 27 Oct 2022 15:00:42 GMT
server
cloudflare
etag
"635a9d1a-b8e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LGpQyAV66Yl7v%2FyHrumZkl6KVijJa1gd2NFhd%2FEprNviOIumxMlUry2WAm8eJw%2Bm6BNI6P1%2BJxBaBWOfXBQ7U92nT7YkO4r1WRm8Mt0JHXbpWo8KcaeY9YnKiEv9RwqCTRn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
891865601f0d3689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
8e61b705ea52802378b95f58bcf28689.png
abc.xx1oobtc.com/uploads/20221108/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221108/8e61b705ea52802378b95f58bcf28689.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595ec6c57372a739a391629914e81e14179f45bacded0c7ff7b070b4e0ec4c17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
47329
last-modified
Tue, 08 Nov 2022 13:11:08 GMT
server
cloudflare
etag
"636a556c-b8e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3HqWK6TQOKRPuXFgk6gUpI%2BL8YqFaGKQlWkFqrYn00wUYq0XQgP5JWTh22%2FwhXa9NBsQcp499eEoEQkiRDWjKjWGwTuUT6%2FIRmGQsKiepFc8WXIAyfm6LXarjsyC9vSFB36"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
891865601f103689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
1a6598b183c9f7c57b9d5e6b8355293c.jpeg
abc.xx1oobtc.com/uploads/20221027/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221027/1a6598b183c9f7c57b9d5e6b8355293c.jpeg
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3fb3d0d8b7c9bbab3fe6fc7841bf59fa1e0019504e4f8ead633137e1137a5fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
104034
last-modified
Thu, 27 Oct 2022 14:57:24 GMT
server
cloudflare
etag
"635a9c54-19662"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XN9f9AePFB2dDHY8A9jIbypXwlcXX6P7reDk6Pl%2BfFbds3USTu8LkfTdTGUlfd94ultTrQ4Ny1KmtyL4HNjTQYvvCc8q8GQiXFc7GedWrGPJGg8psnozcgpemv18TREY0pa9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
891865601f123689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
ad44b2aea82e30cafe5782cef842285b.png
abc.xx1oobtc.com/uploads/20221030/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc.xx1oobtc.com/uploads/20221030/ad44b2aea82e30cafe5782cef842285b.png
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e515d59d49d28afcc9546ebcbf4d0b0f0672db6caa109bf359d4006ae3b8e85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126364
alt-svc
h3=":443"; ma=86400
content-length
115346
last-modified
Sun, 30 Oct 2022 13:40:10 GMT
server
cloudflare
etag
"635e7eba-1c292"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ABL0QwKUHv1YLDQYRdU1QZcqm1cT4O3pizQPzHnVWgZkVTgodZJUB%2FYmmvHvJBzYgELCXXlzA5sQ2LoVKD6%2F9BYlT28iIbBvAzufUNnnt5hTvIYszODcjmnl3l8lyORf1XI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
891865601f133689-FRA
expires
Mon, 08 Jul 2024 22:33:40 GMT
log
api.salesmartly.com/client/station/ Frame 13DE 		87 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.salesmartly.com/client/station/log?plugin_sign=56aaf4af20f732fac7c8d2dc0662508b&plugin_id=fs8lcl&over_time=&env=chat&_=1718012385680&_lt=475e6ac0a8863457a43c66ab6d6b895a&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:d200:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
d8b2049411594dd113c890c6e8ad801c259eaf7b43cac3a0f74ecdee849e618a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:46 GMT
via
1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
x-powered-by
PHP/7.2.34
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://uu11122.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id
sr2O4kURTVzkmESSyk7xgGcIlqPPudEelPXhf85-Cire-xEMDVpKbQ==
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=nl-nl&lo=0&rnd=1591930400&si=6459230b3159aaf0ff3c3bc308bd3cda&su=https%3A%2F%2Fuu11122.com%2F&v=1.3.0&lv=1&sn=12361&r=0&ww=1600&u=https%3A%2F%2Fuu11122.com%2F%23%2Fhome%2FhomePage&tt=USDT
Requested by
Host: uu11122.com
URL: https://uu11122.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2024 09:39:46 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
uu11122.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://uu11122.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06453893f4f7146b7e923ee7d886e0f234f4b0fcbe4f9a01d5748411cd4a926

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://uu11122.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 09:39:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 31 Dec 2022 14:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b04c8e-423e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJIeMpoCufkFXTvQ6QQ2ZRAc%2BZMLZBk7lt3yen1D3oogHNkNyci1B6pRJ6fj4yDdyvFwOPDN%2FxBsh2eOaemV7T6S0bWRdWQ7XX0JRa5070rtYVIiBj26BTvhf144%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=120
cf-ray
8918653ddcb29b1f-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __ssc function| ssq object| _hmt object| webpackChunkUSDT function| clearImmediate function| setImmediate object| install_ss_chat_plugin object| ssmEvent boolean| _bdhm_loaded_6459230b3159aaf0ff3c3bc308bd3cda object| mini_tangram_log_3q77xk

8 Cookies

Domain/Path Name / Value
.uu11122.com/ Name: __cf_mw_byp
Value: yXS9H57M_zCFrByZ_ULGjKF410QXes.1BRwXWpd7Ta0-1718012379-0.0.1.1-/
uu11122.com/ Name: lang
Value: en
uu11122.com/ Name: lang_var
Value: en
.salesmartly.com/ Name: ss_uid
Value: 96566a65c773fc579b7d8aaea130c430
uu11122.com/ Name: _ss_s_uid
Value: 96566a65c773fc579b7d8aaea130c430
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 95E646AABAD05ED2
.uu11122.com/ Name: Hm_lvt_6459230b3159aaf0ff3c3bc308bd3cda
Value: 1718012386
.uu11122.com/ Name: Hm_lpvt_6459230b3159aaf0ff3c3bc308bd3cda
Value: 1718012386

18 Console Messages

Source Level URL
Text
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221106/4afcfcfb5b9bec7f755d8d802e886018.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20230420/e7a6ce3ad380a5dd9f7cc64241e11448.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20230613/bd83779d7816b8107ecab6e16efcebf5.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20230821/028d4881903a5f5c3a6f189fc9523662.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/lang/en.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/lang/en.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221107/8e61b705ea52802378b95f58bcf28689.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221027/8e61b705ea52802378b95f58bcf28689.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221108/8e61b705ea52802378b95f58bcf28689.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221027/1a6598b183c9f7c57b9d5e6b8355293c.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221027/1a6598b183c9f7c57b9d5e6b8355293c.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221030/ad44b2aea82e30cafe5782cef842285b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221030/ad44b2aea82e30cafe5782cef842285b.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221027/8e61b705ea52802378b95f58bcf28689.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://uu11122.com/#/home/homePage
Message:
Mixed Content: The page at 'https://uu11122.com/#/home/homePage' was loaded over HTTPS, but requested an insecure element 'http://abc.xx1oobtc.com/uploads/20221027/8e61b705ea52802378b95f58bcf28689.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://uu11122.com/#/home/homePage
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uu11122.com/#/home/homePage
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://uu11122.com/#/home/homePage
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc.xx1oobtc.com
api.salesmartly.com
assets.salesmartly.com
hm.baidu.com
msg.salesmartly.com
srz.salesmartly.com
uu11122.com
14.215.183.79
188.114.96.3
188.114.97.3
2600:9000:223d:2a00:16:9386:7d40:93a1
2600:9000:2449:d200:f:6577:d340:93a1
2600:9000:26e8:ac00:1e:4a65:6f00:93a1
2600:9000:275d:4800:16:41f9:b9c0:93a1
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
147d352a1d538006bd5c1e3024382e0c3efbe97a4d1fa1a20a759e648b025f67
2215f5abb44134264f0e3ea4650a423c77cb930d48426052e731979725d0546a
2439c2e9163c78c5dcff13b0b61f1b3e816dc3e53a1cf2291d9d96372678c805
2792a22a47298cab01b7af9d7f9c96bfda0e32985a46d150cff0c84c892fe325
2a7695c647f40e1a58bd00fd72c0e0eb2d5d0f1e55b81e7a5e7873dcc47a2f29
2f8acf63a20b39a22ba0af9aefd83e0e9db962cd6dfd30356e5f782524934fb2
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
55a82ac41c1d23638f99934874e19dc306e858a9db1782b4c8b6f28132d66f3c
595ec6c57372a739a391629914e81e14179f45bacded0c7ff7b070b4e0ec4c17
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d
690d05f6681f1a920f37060c94c3b7de0ac48f71c6da47d9626fcda9cf8877b3
6e515d59d49d28afcc9546ebcbf4d0b0f0672db6caa109bf359d4006ae3b8e85
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
86a225b145655b16c287d94445db5d92be4d9922901ea0a03b6989a8e111d6f4
875d293b0b6008dfb631c8392392053f29902b9817c07ec34a682c5ba03274a7
89b6743f707c657927935439f60e42563a3ffe6552521a7eb1a0214bf784fa42
8cde188f4358d74fc7c63923b595196d231817fc32511140b8f40905bbcb91f3
8eb137b6406d5f322db8b96f2d2e0ba0591af478326fc0fb9be17273f48dac30
90796cbf7583a767fb490301384cec1913ac9c2ca88abedd21758c55b02527de
91966c601a0e0dbd8e85fed3403c003b05bf76e5b153c087ed5f578c958ac3f3
983003266b29799d23ff86bb962dad86362d73ff0ac1a8bcbc2f37cc7f72a10c
9da32641149e937ee37630c08f17cedd652df80e4fd76b2e297eec217a3de1c3
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
ab8f66bd40007eba11982a1b5bc12b65c42c8465ad4459a5cac82768b54b0512
c66861794b3f12621ce22bba9705b0aa914581eabed027a40f1d2011a73c7559
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06453893f4f7146b7e923ee7d886e0f234f4b0fcbe4f9a01d5748411cd4a926
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0
d8b2049411594dd113c890c6e8ad801c259eaf7b43cac3a0f74ecdee849e618a
db9f795603f0c5184f5963ff09e04cbfce80c2bd8ca72034f3a753e6029b633b
dc14fe73266a2c6ccb5bef16d4382b53dc09b419dc8038e408a2fba3f321d5b4
de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e
e6f412f0d73a9818e239d615cb155a034bc04266dd58bbb40b4ce4e2742b884b
ec0f842c4df343f48a067d0214caba2c6c1dd9ffc3b57949bd713cf14e1594f1
eedad483fedf38962b847f0d95eddb2801b69b079771b06af84687b5be522e13
efee60c9da7d4bd7e8ee00bcd41d7d53976cf06ab298c46a47b92941a8853f0e
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f1c61f39ca45ef97c737b0e2107b93a803854c8c25c0f5f0a4d73227e62c2705
f2ec6b02a9c3047200a0e72a1ac7ae4c0d96c58d378d07ac1c18a6ad351a7f4a
f3fb3d0d8b7c9bbab3fe6fc7841bf59fa1e0019504e4f8ead633137e1137a5fc
f49d40e67f380dac17cf98938f4efe184d5003b7baa31873102e3cfb013854ae
ff63931efe189b4e7e9b729661f2fa287fdefcd266affb2d348fdfe1c8984f05