urlscan.io logo urlscan.io
SecurityTrails logo

uqpays.xyz Open in urlscan Pro
2606:4700:3030::6815:360f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://udpays.xyz/338098585606283/
Effective URL: https://uqpays.xyz/
Submission: On February 09 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3030::6815:360f, located in United States and belongs to CLOUDFLARENET, US. The main domain is uqpays.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 31st 2021. Valid for: a year.
This is the only time uqpays.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
26 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 95.163.118.168 12695 (DINET-AS)
7 148.251.41.166 24940 (HETZNER-AS)
1 80.87.202.200 29182 (THEFIRST-AS)
1 1 23.45.96.43 20940 (AKAMAI-ASN1)
1 47.254.143.107 45102 (CNNIC-ALI...)
1 1 88.212.201.204 39134 (UNITEDNET)
40 5
1    2606:4700:3034::6815:106b (United States)

ASN13335 (CLOUDFLARENET, US)
udpays.xyz
26    2606:4700:3030::6815:360f (United States)

ASN13335 (CLOUDFLARENET, US)
uqpays.xyz
6    95.163.118.168 (Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: ulogin.ru
ulogin.ru
7    148.251.41.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.41.251.148.clients.your-server.de
sonar.semantiqo.com
cdn3.caltat.com
1    80.87.202.200 (Irkutsk, Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta21.ru
ulclick.ru
1    23.45.96.43 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-96-43.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
1    47.254.143.107 (Frankfurt am Main, Germany)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
flashdeals.aliexpress.com
1    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
Apex Domain
Subdomains		 Transfer
26 uqpays.xyz
uqpays.xyz
220 KB
6 ulogin.ru
ulogin.ru
19 KB
4 semantiqo.com
sonar.semantiqo.com
22 KB
3 caltat.com
cdn3.caltat.com
628 B
2 aliexpress.com
s.click.aliexpress.com
flashdeals.aliexpress.com
2 KB
1 yadro.ru
counter.yadro.ru
332 B
1 ulclick.ru
ulclick.ru
9 KB
1 udpays.xyz
udpays.xyz
607 B
40 8
Domain Requested by
26 uqpays.xyz uqpays.xyz
6 ulogin.ru 1 redirects uqpays.xyz
ulogin.ru
4 sonar.semantiqo.com ulogin.ru
sonar.semantiqo.com
uqpays.xyz
3 cdn3.caltat.com uqpays.xyz
sonar.semantiqo.com
1 counter.yadro.ru 1 redirects
1 flashdeals.aliexpress.com ulclick.ru
1 s.click.aliexpress.com 1 redirects
1 ulclick.ru ulogin.ru
1 udpays.xyz 1 redirects
40 9

This site contains links to these domains. Also see Links.

Domain
ojooo.com
www.neobux.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-31 -
2022-01-30		 a year crt.sh
ulogin.ru
R3		 2021-01-08 -
2021-04-08		 3 months crt.sh
semantiqo.com
R3		 2021-01-21 -
2021-04-21		 3 months crt.sh
ulclick.ru
R3		 2020-12-31 -
2021-03-31		 3 months crt.sh
cdn3.caltat.com
R3		 2020-12-22 -
2021-03-22		 3 months crt.sh
*.aliexpress.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-01-26 -
2021-07-05		 5 months crt.sh

This page contains 7 frames:

Primary Page: https://uqpays.xyz/
Frame ID: 97E10600537E84BFC3D6EED33E969A65
Requests: 34 HTTP requests in this frame

Frame: https://ulogin.ru/stats.html?r=58840&type=panel&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2489&xdm_p=1
Frame ID: 20E89642A1B4C3777FA17F032CC5889C
Requests: 1 HTTP requests in this frame

Frame: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Fuqpays.xyz%2Fsocregister.php&callback=&providers=twitter,youtube,yandex,linkedin,instagram,mailru,steam,webmoney,wargaming,openid&fields=first_name,last_name&force_fields=&popup_css=&optional=&othprov=google,facebook,linkedin,youtube&protocol=https&host=uqpays.xyz&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=flat&client=&page=https%3A%2F%2Fuqpays.xyz%2F&version=3&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2490&xdm_p=1
Frame ID: C3F23C73400974DE6510D37D926F3A7E
Requests: 1 HTTP requests in this frame

Frame: https://ulogin.ru/stats.html?r=60901&type=panel&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2491&xdm_p=1
Frame ID: B60115EF64D2AD47032C900A95276605
Requests: 1 HTTP requests in this frame

Frame: https://ulogin.ru/version/3.0/html/drop.html?id=1&redirect_uri=https%3A%2F%2Fuqpays.xyz%2Fsocregister.php&callback=&providers=twitter,youtube,yandex,linkedin,instagram,mailru,steam,webmoney,wargaming,openid&fields=first_name,last_name&force_fields=&popup_css=&optional=&othprov=google,facebook,linkedin,youtube&protocol=https&host=uqpays.xyz&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=flat&client=&page=https%3A%2F%2Fuqpays.xyz%2F&version=3&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2492&xdm_p=1
Frame ID: C78E144D9EC02CBDE3955315AB9EE5C9
Requests: 1 HTTP requests in this frame

Frame: https://flashdeals.aliexpress.com/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d904b97bd5292113ee9d11e
Frame ID: 6DEDDE20E7CD745D2B21D83887415540
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 447CB540579C8E3E99148867EA9E4520
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://udpays.xyz/338098585606283/ HTTP 302
    https://uqpays.xyz/?refid=338098585606283 Page URL
  2. https://uqpays.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

40
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

5
IPs

4
Countries

271 kB
Transfer

722 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://udpays.xyz/338098585606283/ HTTP 302
    https://uqpays.xyz/?refid=338098585606283 Page URL
  2. https://uqpays.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://udpays.xyz/338098585606283/ HTTP 302
  • https://uqpays.xyz/?refid=338098585606283
Request Chain 29
  • https://ulogin.ru/cpx HTTP 302
  • https://cdn3.caltat.com/78784f16-8571-4898-9a7e-2b816ea84f37/pixel.php?u=
Request Chain 30
  • https://s.click.aliexpress.com/e/_A6bWKV HTTP 302
  • https://flashdeals.aliexpress.com/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d904b97bd5292113ee9d11e
Request Chain 35
  • https://counter.yadro.ru/id127/reff-id.gif?sid=bc510ae37b27464183ea66870c70a95f HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=bc510ae37b27464183ea66870c70a95f

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
uqpays.xyz/
Redirect Chain
  • https://udpays.xyz/338098585606283/
  • https://uqpays.xyz/?refid=338098585606283
38 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/?refid=338098585606283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
8eb2293cd13005eaae174189c86922af2d40fee9d21b309568bcbc96c62cb3d8

Request headers

:method
GET
:authority
uqpays.xyz
:scheme
https
:path
/?refid=338098585606283
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d070f5e48ccf176795bd516f81f82aca91612895703; expires=Thu, 11-Mar-21 18:35:03 GMT; path=/; domain=.uqpays.xyz; HttpOnly; SameSite=Lax refid=338098585606283; expires=Wed, 09-Feb-2022 18:35:03 GMT; path=/; domain=.uqpays.xyz
x-powered-by
PHP/5.4.16
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
last-modified
Tue, 09 Feb 2021 18:35:03GMT
cf-cache-status
DYNAMIC
cf-request-id
0829ac673f00002c363e9ef000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9qm8s1NrkkT3uk8ERJ9Vz%2B%2FYSVA03F4OkXCJ4BJ%2BljWNb1IygtB93fk6%2FDlC4ijq2YlW6xiBMpGF09Ifo6KcpOzRiZq60gNTMaRlmvPEd4KDJOYPf6BW"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61efb01ecae22c36-FRA
content-encoding
br

Redirect headers

date
Tue, 09 Feb 2021 18:35:02 GMT
content-type
text/html
set-cookie
__cfduid=d28ad5d556c37e0d138ef0531037fb23b1612895702; expires=Thu, 11-Mar-21 18:35:02 GMT; path=/; domain=.udpays.xyz; HttpOnly; SameSite=Lax
x-powered-by
PHP/5.4.16
location
https://uqpays.xyz/?refid=338098585606283
cf-cache-status
DYNAMIC
cf-request-id
0829ac67040000c295d2bc2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m09yaE4acHTVAoz8%2FofkHylK%2BOy9yMzl8NAn%2BMAHwPnVUlDEStgmLfvvdIEElbU26apV9Q4ut0ofxz44cfq3VRIC%2F0PeD8qyrHrAyvQzlrDly30mcUAu"}],"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61efb01e6ef6c295-FRA
Primary Request /
uqpays.xyz/ 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/?refid=338098585606283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
77399ff66d9cb4fa856689941e4f315e429e6db45c9755b40ea9503bd07701ac

Request headers

:method
GET
:authority
uqpays.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://uqpays.xyz/?refid=338098585606283
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d070f5e48ccf176795bd516f81f82aca91612895703; refid=338098585606283
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/?refid=338098585606283

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-type
text/html; charset=utf-8
x-powered-by
PHP/5.4.16
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
last-modified
Tue, 09 Feb 2021 18:35:03GMT
set-cookie
uid=20566287917134; expires=Wed, 09-Feb-2022 18:35:03 GMT; path=/; domain=.uqpays.xyz uid=873331647832073; expires=Wed, 09-Feb-2022 18:35:03 GMT; path=/; domain=.uqpays.xyz uid=693565718829938; expires=Wed, 09-Feb-2022 18:35:03 GMT; path=/; domain=.uqpays.xyz uid=328992427327410; expires=Wed, 09-Feb-2022 18:35:03 GMT; path=/; domain=.uqpays.xyz
cf-cache-status
DYNAMIC
cf-request-id
0829ac683800002c36538f9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k6%2F%2BePk1a1tkSk1NToFK8c11NGqaDp6f3yXEmPgJ6dzY59jB3W%2Fi2bYS9ZhC%2Fh0tl1VQIMek%2BS9PqZoHC1fVT2s1OjjFnqOelWtNvWCLgkhp9Lxn8f1S"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61efb0205eef2c36-FRA
content-encoding
br
jquery.min.js
uqpays.xyz/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/js/jquery.min.js
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 07:57:09 GMT
server
cloudflare
age
5599
etag
W/"5fcf31d5-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TA6xTQi7FslsH2Z8UjatqkE6bAGVf7FCLQk4L7Avb930V8cho%2Bm%2FNH5RGbF4HNBJqgYCRU350RzNF5oMpMz%2FtUM1z9SHL7%2BxVs6o8QDMyRf%2FxsqN6wDq"}]}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61efb020afca2c36-FRA
cf-request-id
0829ac686e00002c36870fb000000001
bootstrap.css
uqpays.xyz/css/ 		204 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/css/bootstrap.css
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387a9f338f15a1f4f313f45fc8f756f1cfd24ef01fec14af8f1371031e00c62e

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 07:55:00 GMT
server
cloudflare
age
5599
etag
W/"5fcf3154-32e08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3SKSjCJagBXjvYBIRnHNfU082ZZHkZhYRIJfptHKHwMintWJ38tUjGiJ%2FfSdfJ4AY7ZqV2eqvUHqWROKeJmSsAuVOEf7t8pBykvAh03sRlOOZVI4ECBp"}]}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61efb020afbe2c36-FRA
cf-request-id
0829ac686c00002c368391a000000001
font.css
uqpays.xyz/css/ 		72 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/css/font.css
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98daa73f831b71d2de9b894bae45de79c839e0111f7355c0f5375a5a3d8799a0

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 07:55:32 GMT
server
cloudflare
age
5599
etag
W/"5fcf3174-121f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AFvmtGEQqeX6M9OKKkRemTZR3CxmBRNp5GfeI0ytdVwP1yKtQAuBPczLWjacgMLVM20KwdgdMTuMTySMwB4gC9Ck8URWiSxRDmmGdZpl7uib%2BkADY7t%2F"}]}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61efb020afc22c36-FRA
cf-request-id
0829ac686c00002c36843b8000000001
maincss.php
uqpays.xyz/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/maincss.php?rstr=673277719878
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
d278d834a588ae05a47b304541ad68b23976bcfb7ba551eac251935cbeb6c347

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7HClXtzIS6IvgIIm6534Xo7x3aTs0T6yIQv62PwnAn85mRWMVyoLAvuNcM3gznJHyi4Yygu6aLCeTDnetyunUCtmyWmBMZdIFjeyZzKjDY%2FgD3D5656J"}]}
content-type
text/css
cf-ray
61efb020afc62c36-FRA
cf-request-id
0829ac686c00002c365829f000000001
bootstrap.min.js
uqpays.xyz/js/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/js/bootstrap.min.js
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe63d431094210c8dc23a574ffcf610d6ce97e9f62fcb51be179e066e8f51ef

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 07:57:55 GMT
server
cloudflare
age
5599
etag
W/"5fcf3203-ea92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85CYIpm%2BiSQUNm53D38ALceLwqs5kUyRvt7UNB9NNdfonPTezDimLEAe85GDqGCvo3CMqMVoyLR41yLivXEn3V0S%2B%2BvnClqLqPiiuESbJWOdi3Gj24Ho"}]}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61efb020afcc2c36-FRA
cf-request-id
0829ac686d00002c36340e5000000001
popper.min.js
uqpays.xyz/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/js/popper.min.js
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdb0d76bc64c3c03c56926547f9dc157ebc06bc3faa5c76e72b14b6227e1e41

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 07:57:39 GMT
server
cloudflare
age
5599
etag
W/"5fcf31f3-52fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3839QvW692xzTvETy5ldPgbRsEhf%2B04AciShLS797TPSwq4QNkyzgSXC6Yue2i4YCufDRBC%2FEWEliCfxZsdkfxHR3dompDS%2BX8lYuQLrrApxMxdNNA6V"}]}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61efb020afcf2c36-FRA
cf-request-id
0829ac686d00002c363a8ec000000001
commonscripts.php
uqpays.xyz/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/commonscripts.php?rstr=673277719878
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
f9e0d5f509ffc74ac490962fadcf7dd4c9ed9d62a8b0559c32d35826391d66ab

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rXZHOonDuCClIY7LmuI7%2Fti1%2BZ3R%2Bq7kMigd66DoM7A1C1PkyEU6uHDx6611al%2F2oeoyKHcaIkLSje94yuy2z2CH0ugXw0bBOipZLh3sCv8IuxodlCta"}]}
content-type
text/html; charset=utf-8
cf-ray
61efb020afd42c36-FRA
cf-request-id
0829ac686e00002c3610057000000001
geterrorcodes.php
uqpays.xyz/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/geterrorcodes.php?rstr=673277719878
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
6338511e39087a8a8351ffbb72d87f1f13be01f8c106e5c7eb7e23a9c19622fa

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Feb 2021 18:35:03GMT
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"max_age":604800,"report_to":"cf-nel"}
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=41i4rcMmnHoMZ1kNyAo7UwmrkXn6ynBWBBwbmn%2BVrAIgH6dQBfAeI%2BWoqTcgH26DxouZZvF0baqnUmbKVX6jx7CK6rOXiO%2FYjOYsXK0jSSqyt7i9Gz5K"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, must-revalidate
cf-ray
61efb020afdc2c36-FRA
cf-request-id
0829ac686f00002c3643a6a000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
gl.png
uqpays.xyz/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/images/gl.png
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b87b6d9a14fa62b247961db92490addc51b32a394d19ec83dccdd132cf81e3

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5599
content-length
9278
cf-request-id
0829ac68ad00002c363ea1f000000001
last-modified
Sun, 31 Jan 2021 14:57:32 GMT
server
cloudflare
etag
"6016c55c-243e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=krVa5asjitpiAk32QYzett77%2FNWlrRS4tL0e79gAb5RahfT0Cw8WuC17tt2jYoxIUjHm3x53enmkk8lhpi0nTUrnPoJeL2zWLCF%2Fas1yMjq464R01a3K"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61efb02118d52c36-FRA
flag.php
uqpays.xyz/ 		2 KB
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=gd
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
d266749c44ceeff46640791d95ac98cbf2ee3cdf67f97cbeccbf26def7d8523a

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LWgic5A%2F9VSe1qStgT2XCCbOG0UyQ5%2FD%2Fyh7cwUrW8JO8lTc1Ya2ofnugDmlGEeTz9L3czrXa0y8Z62GCgM7jGOvnMvny5LHzQQdnWYkWC5afq1qUdw%2B"}]}
content-type
image/svg+xml
cf-ray
61efb02118dd2c36-FRA
cf-request-id
0829ac68b000002c3663aee000000001
flag.php
uqpays.xyz/ 		295 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=gn
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
735109ba23330ad9e8602b6e27e658bd12e36f2616b7ead65bd908d553b2acda

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uu8WhDoPPigtej3%2Ffus8E3qjAJaelbFcZehFprjck2fn0zMN9FNCSLA5u9VVJrvWgBc4Ag7X3lOHgIBE%2FqYNA%2FynapsXu%2BwcU6PjqCvSWsRquxgdvzU7"}]}
content-type
image/svg+xml
cf-ray
61efb02118e12c36-FRA
cf-request-id
0829ac68b100002c366b8b7000000001
flag.php
uqpays.xyz/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=mw
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
2c1cc54f2da19fc3b24bca7aab5e4cd67c249073a570072df4fa27d223a5d492

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=alr2XAMVJFTccXrJ6%2FdzPC%2Fgi9rGlVmgXfaDmN4iAwhCu%2FEIInk97V6KR5u7bcv8P9WoK4IDgmrcuG6L2pRnbBP5VekyZOCiHTechzRvRK7l%2BWDIZ3j7"}]}
content-type
image/svg+xml
cf-ray
61efb02118e42c36-FRA
cf-request-id
0829ac68b100002c361a32b000000001
flag.php
uqpays.xyz/ 		2 KB
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=nu
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
95396c9f13456505992b15bfa46f4bfb82dc7428dea1e7969366bed2fb49b91c

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bok92FlkS9xCbcAznjysQ8NBqEBZYwbGWr3LHMbk4m9L8aHXknBJKrZnyCPz3Zuoe8VW4cqGw6Trf0k6pZ5VgdGk6oZ5xJye2uKGKUgIulNXUyjKf1S8"}]}
content-type
image/svg+xml
cf-ray
61efb02118e62c36-FRA
cf-request-id
0829ac68b200002c361aa11000000001
flag.php
uqpays.xyz/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=al
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
428e2ae3549a8bd0142419fcfcd1df808e78f622c27b246dc321f1c73bb61f89

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DD23woil9bWPDYg5nVetIYSRZYCtUXizP0hr7B8VFO3qWkwdui81Y4Wy%2BISqgBnwb2d0%2FgAcnBZlLAZCJKrHYtGdtGtGE9iaKFQ2D4Wfs0JQr%2B2nr0jI"}]}
content-type
image/svg+xml
cf-ray
61efb02118e72c36-FRA
cf-request-id
0829ac68b100002c363a8f1000000001
flag.php
uqpays.xyz/ 		275 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=sl
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
d8106777ab26efc28f786a1345bd411a4a0a10da738b691e3f4deea96d3c3c3a

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uUdk%2Bo11ouJuUuZiH4EZiJwY7h9qYRvyYoLLvZfU%2FgXIj%2FiwfBffr5XNcDlVHpoC0PyiLCmLeRrd67PybGeczzk8sUdQ0hSmtgmb3%2Fjy1RGkKzl5hV8l"}]}
content-type
image/svg+xml
cf-ray
61efb02118e82c36-FRA
cf-request-id
0829ac68b100002c3641380000000001
flag.php
uqpays.xyz/ 		250 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=ma
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
f40a79d79c88c1bb927ec0e40c5d044f838f0a2c48d820b3e8449e92a71d02d6

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltR37iBT67Bq%2Brmw8xPgUIxlQF8Zf2e4klJcecZoYq55NWPpy27DeXPELoXwkTd%2BxK20GOMYyt3WKboUDKsRuEgHh8EmUv5RdQhLdEAhfIvc1LngXFNp"}]}
content-type
image/svg+xml
cf-ray
61efb02118e92c36-FRA
cf-request-id
0829ac68b100002c36843c0000000001
flag.php
uqpays.xyz/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=ck
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a0c2570f2e98e1ee86c5ad02660351a47b0541c6d51d9ac927ce0c3ab06620a4

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1%2FlWI3e5JN8BdITBFwrRRXvG154X2o646dfACBL%2BPOVr43R4eM%2BAIzhbO2bfcDUtgCni3YUSBi9W7mz6fTUt1JVVtjMhnrx7cSYbH4NnEMlbJVtKlx5"}]}
content-type
image/svg+xml
cf-ray
61efb02118ea2c36-FRA
cf-request-id
0829ac68b200002c361005f000000001
flag.php
uqpays.xyz/ 		22 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=bm
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
cbd384975c74c5a8fcd611e75a7c44567ffa32a4493f8139883ebcf5748fe69b

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GElDR8xfZOBNWxcwqnVxjTZPZjICElpbfdUMhM9I7FbX5vMAu%2F2W2PDZEmBIRpCcFEfIbRHkKhTzvBc5T9Ia2yt80azzWJegrci17giByKzJfzF0wJsd"}]}
content-type
image/svg+xml
cf-ray
61efb02118eb2c36-FRA
cf-request-id
0829ac68b300002c3610060000000001
flag.php
uqpays.xyz/ 		292 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/flag.php?country=yt
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
b1e78ed98f7111d6a115d73d2c604f5c1ef65ba9b01713ca47d914de0d22b351

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FRMvtoVyImxfua3O1B7BjJfIpkbKrZdW1lYKG2cMVghJRXKknUQUpUmHqRWwCJ%2F31lwclsdJmzz8mvwCYpxjf41quP6kuodPZrRoOlCpp%2FKXgkh1GgTF"}]}
content-type
image/svg+xml
cf-ray
61efb02118ec2c36-FRA
cf-request-id
0829ac68b200002c3681b44000000001
ulogin.js
ulogin.ru/js/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulogin.ru/js/ulogin.js
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
ulogin.ru
Software
nginx /
Resource Hash
a2f80a19cd3f09a8630aecd4860c684b80fd52f0986150ec390d8f2e3374d63f

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 18:35:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Sep 2020 15:52:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 12 Feb 2021 18:35:08 GMT
background.png
uqpays.xyz/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uqpays.xyz/images/background.png?rstr=2644618950
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/maincss.php?rstr=673277719878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1f0f967dde44dc4397b81c8f3ec4da8e52f80277a9dca281757c2314813547

Request headers

Referer
https://uqpays.xyz/maincss.php?rstr=673277719878
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
cf-cache-status
MISS
last-modified
Sat, 15 Feb 2020 10:31:38 GMT
server
cloudflare
etag
"5e47c88a-5757"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=At6eqOJh2YD6zgUuzMWk8xnS7WveVLZta3Z%2BY8y2jYKFyAl8HvpOUIQrwBQVuYx2ahhf1DwQV%2Fm8eEVySAtDVhKlpq%2BeouwlHA%2F2T9wgrn%2BYMT2YGqoO"}]}
content-type
image/png
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61efb02128fc2c36-FRA
content-length
22359
cf-request-id
0829ac68b500002c3615387000000001
fontawesome-webfont.woff2
uqpays.xyz/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://uqpays.xyz
Referer
https://uqpays.xyz/css/font.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
573
content-length
77160
cf-request-id
0829ac68b800002c365aa1b000000001
last-modified
Sun, 18 Oct 2020 09:32:19 GMT
server
cloudflare
etag
"5f8c0ba3-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zO%2FaGw3CaAOoJB2XdybW%2B7qEBYUIUFVJAeFydwREiVQcicVbu4EZXfmx2JS4kqO2%2BLL9ky7cIu%2F4dFOkWp4bkMtZxesw98kIUEjUJYWZh05K2rsJ1W4v"}]}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
61efb02129082c36-FRA
stats.html
ulogin.ru/ Frame 20E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ulogin.ru/stats.html?r=58840&type=panel&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2489&xdm_p=1
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
ulogin.ru
Software
nginx /
Resource Hash

Request headers

Host
ulogin.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uqpays.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

Server
nginx
Date
Tue, 09 Feb 2021 18:35:08 GMT
Content-Type
text/html
Last-Modified
Tue, 07 Jun 2016 14:59:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
drop.html
ulogin.ru/version/3.0/html/ Frame C3F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Fuqpays.xyz%2Fsocregister.php&callback=&providers=twitter,youtube,yandex,linkedin,instagram,mailru,steam,webmoney,wargaming,openid&fields=first_name,last_name&force_fields=&popup_css=&optional=&othprov=google,facebook,linkedin,youtube&protocol=https&host=uqpays.xyz&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=flat&client=&page=https%3A%2F%2Fuqpays.xyz%2F&version=3&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2490&xdm_p=1
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
ulogin.ru
Software
nginx /
Resource Hash

Request headers

Host
ulogin.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uqpays.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

Server
nginx
Date
Tue, 09 Feb 2021 18:35:08 GMT
Content-Type
text/html
Last-Modified
Wed, 20 Feb 2019 15:11:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
stats.html
ulogin.ru/ Frame B601 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ulogin.ru/stats.html?r=60901&type=panel&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2491&xdm_p=1
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
ulogin.ru
Software
nginx /
Resource Hash

Request headers

Host
ulogin.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uqpays.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

Server
nginx
Date
Tue, 09 Feb 2021 18:35:08 GMT
Content-Type
text/html
Last-Modified
Tue, 07 Jun 2016 14:59:13 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
drop.html
ulogin.ru/version/3.0/html/ Frame C78E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ulogin.ru/version/3.0/html/drop.html?id=1&redirect_uri=https%3A%2F%2Fuqpays.xyz%2Fsocregister.php&callback=&providers=twitter,youtube,yandex,linkedin,instagram,mailru,steam,webmoney,wargaming,openid&fields=first_name,last_name&force_fields=&popup_css=&optional=&othprov=google,facebook,linkedin,youtube&protocol=https&host=uqpays.xyz&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=flat&client=&page=https%3A%2F%2Fuqpays.xyz%2F&version=3&xdm_e=https%3A%2F%2Fuqpays.xyz&xdm_c=default2492&xdm_p=1
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
ulogin.ru
Software
nginx /
Resource Hash

Request headers

Host
ulogin.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://uqpays.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

Server
nginx
Date
Tue, 09 Feb 2021 18:35:08 GMT
Content-Type
text/html
Last-Modified
Wed, 20 Feb 2019 15:11:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
checking.js
sonar.semantiqo.com/c83ul/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/c83ul/checking.js
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
24f92168e4c2875c3d83f5b8d042bb2383a8ec28b574a884627891ef6159af04

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:03 GMT
mode
no-cors
last-modified
Tue, 09 Feb 2021 10:44:07 GMT
server
nginx/1.18.0
etag
"60226777-5668"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
22120
b-count.js
ulclick.ru/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulclick.ru/b-count.js
Requested by
Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.87.202.200 Irkutsk, Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta21.ru
Software
nginx/1.13.12 /
Resource Hash
21ea8a9ed8ed051392861c6645048db42c34cd46f0f046901136d4d43828daa5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 18:35:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tuesday, 09-Feb-2021 18:35:03 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
pixel.php
cdn3.caltat.com/78784f16-8571-4898-9a7e-2b816ea84f37/
Redirect Chain
  • https://ulogin.ru/cpx
  • https://cdn3.caltat.com/78784f16-8571-4898-9a7e-2b816ea84f37/pixel.php?u=
0
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/78784f16-8571-4898-9a7e-2b816ea84f37/pixel.php?u=
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Feb 2021 18:35:06 GMT
mode
no-cors
server
nginx/1.18.0
content-encoding
gzip
content-type
text/javascript;charset=UTF-8

Redirect headers

Location
https://cdn3.caltat.com/78784f16-8571-4898-9a7e-2b816ea84f37/pixel.php?u=
Date
Tue, 09 Feb 2021 18:35:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
161
Content-Type
text/html
ru.htm
flashdeals.aliexpress.com/ Frame 6DED
Redirect Chain
  • https://s.click.aliexpress.com/e/_A6bWKV
  • https://flashdeals.aliexpress.com/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d9...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://flashdeals.aliexpress.com/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d904b97bd5292113ee9d11e
Requested by
Host: ulclick.ru
URL: https://ulclick.ru/b-count.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.254.143.107 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
flashdeals.aliexpress.com
:scheme
https
:path
/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d904b97bd5292113ee9d11e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uqpays.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%221d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV%22%2C%22affiliateKey%22%3A%22_A6bWKV%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222988879772%22%2C%22tagtime%22%3A1612895704178%7D&acs_rt=50853ab30d904b97bd5292113ee9d11e; acs_usuc_t=x_csrf=3ptjqu71behg&acs_rt=50853ab30d904b97bd5292113ee9d11e; aeu_cid=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV; xman_t=x/r6KRao4abIADnpIekseb2VeHpcroeCd6uRu3e5t6LDnOVV8e5fOqYY/1raOmNo; xman_f=tJ8xVIza8lXhkUaLHfyqvkgzqcjNdh8xV+mxkS9csFaLVo4IIZXOv3DuG+RdMIkG50/siFXgXoJgSqoc+Cmv94PDBAWOvEP1nA11ywMm6VdPmS2/Ajew5A==; af_ss_a=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

date
Tue, 09 Feb 2021 18:35:04 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
set-cookie
ali_apache_id=33.0.189.215.1612895704289.305331.6; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%221d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV%22%2C%22affiliateKey%22%3A%22_A6bWKV%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222988879772%22%2C%22tagtime%22%3A1612895704178%7D&acs_rt=50853ab30d904b97bd5292113ee9d11e; Domain=.aliexpress.com; Expires=Sun, 27-Feb-2089 21:49:11 GMT; Path=/; Secure; SameSite=None XSRF-TOKEN=2cb572c3-2c44-46da-a86e-90b86c38144d; Path=/; HttpOnly
p3p
CP="CAO PSA OUR"
cache-control
no-transform,public,max-age=90,s-maxage=120
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=0
server
Tengine/Aserver
eagleeye-traceid
2100bdd716128957042878571ee050
timing-allow-origin
*
content-encoding
gzip

Redirect headers

content-length
0
x-application-context
global-traffic-holmes-f:production:7001
p3p
CP="CAO PSA OUR"
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
location
https://flashdeals.aliexpress.com/ru.htm?aff_fsk=_A6bWKV&aff_platform=portals-promotion&sk=_A6bWKV&aff_trace_key=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV&terminal_id=50853ab30d904b97bd5292113ee9d11e
content-language
en-US
server
Tengine/Aserver
eagleeye-traceid
0b0a050b16128957041763939e670c
timing-allow-origin
*
date
Tue, 09 Feb 2021 18:35:04 GMT
set-cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%221d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV%22%2C%22affiliateKey%22%3A%22_A6bWKV%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222988879772%22%2C%22tagtime%22%3A1612895704178%7D&acs_rt=50853ab30d904b97bd5292113ee9d11e; Domain=.aliexpress.com; Expires=Sun, 27-Feb-2089 21:49:11 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=3ptjqu71behg&acs_rt=50853ab30d904b97bd5292113ee9d11e; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=1d82c791058045e481c7dfa87234f8f2-1612895704178-00118-_A6bWKV; Domain=.aliexpress.com; Expires=Sun, 27-Feb-2089 21:49:11 GMT; Path=/; Secure; SameSite=None xman_t=x/r6KRao4abIADnpIekseb2VeHpcroeCd6uRu3e5t6LDnOVV8e5fOqYY/1raOmNo; Domain=.aliexpress.com; Expires=Mon, 10-May-2021 18:35:04 GMT; Path=/; Secure; SameSite=None; HttpOnly xman_f=tJ8xVIza8lXhkUaLHfyqvkgzqcjNdh8xV+mxkS9csFaLVo4IIZXOv3DuG+RdMIkG50/siFXgXoJgSqoc+Cmv94PDBAWOvEP1nA11ywMm6VdPmS2/Ajew5A==; Domain=.aliexpress.com; Expires=Sun, 27-Feb-2089 21:49:11 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D; Domain=aliexpress.com; Expires=Sun, 27-Feb-2089 21:49:11 GMT; Path=/ af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax
x-akamai-fwd-auth-sha
D040FE9533CEE1C69F55656C0D5E21FAE9AA5DD22CA2AD6A1FD4283DA7937786
x-akamai-fwd-auth-data
557291201, 23.14.94.209, 1612895704, 82.102.19.136
x-akamai-fwd-auth-sign
9Zo+/8INTsNqyt3UHQDy5Wkqbj+ic1K82LgJEfkodY7XRWwc/faCrFybGbQ/BkHXRKbZSrbYjX3A8lNUU1yYrbQU1NPKYhHMRmsAfbEnQy4=
/
sonar.semantiqo.com/i/ Frame 447C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/i/
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
sonar.semantiqo.com
:scheme
https
:path
/i/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uqpays.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uqpays.xyz/

Response headers

server
nginx/1.18.0
date
Tue, 09 Feb 2021 18:35:04 GMT
content-type
text/html
last-modified
Tue, 09 Feb 2021 10:44:07 GMT
etag
W/"60226777-a6"
content-encoding
gzip
mode
no-cors
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control
no-cache
sls_new.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		3 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Feb 2021 18:35:04 GMT
mode
no-cors
server
nginx/1.18.0
content-type
application/javascript
ces.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=bc510ae37b27464183ea66870c70a95f
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Feb 2021 18:35:04 GMT
mode
no-cors
referrer-policy
no-referrer
server
nginx/1.18.0
content-type
application/javascript
analize.js
sonar.semantiqo.com/c83ul/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/c83ul/analize.js
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
https://uqpays.xyz/no-referrer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Feb 2021 18:35:04 GMT
content-encoding
gzip
server
nginx/1.18.0
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain
  • https://counter.yadro.ru/id127/reff-id.gif?sid=bc510ae37b27464183ea66870c70a95f
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=bc510ae37b27464183ea66870c70a95f
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=bc510ae37b27464183ea66870c70a95f
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.166.41.251.148.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uqpays.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:04 GMT
content-encoding
gzip
server
nginx/1.18.0
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=bc510ae37b27464183ea66870c70a95f
Date
Tue, 09 Feb 2021 18:35:04 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
getpayvideos.php
uqpays.xyz/ 		147 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/getpayvideos.php?rstr=0.9463234063136226
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a27c10012a7342a9413e0822281b0d97f7d2d3bd92212ccb942ea1e04e606ba0

Request headers

Accept
*/*
Referer
https://uqpays.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mpIpV64utq3M0T1NTqGXNZZN3cuvMOvEC4ZBL1BV%2FCBsUdLvJjQtxgw1lR%2F1vp0QW9DBzyIw6SwxALGSDaJ4c%2BFjpCdVqh6%2B%2FYk9spVgn98rNWpBMeCf"}]}
content-type
text/html; charset=utf-8
cf-ray
61efb04298aa2c36-FRA
cf-request-id
0829ac7d9e00002c3630b14000000001
getpayvideos.php
uqpays.xyz/ 		146 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/getpayvideos.php?rstr=0.9913928299542625
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
0834b8d7e1b78139f9112a259bdb0e09947adbbfe089453def6e20c5dee9c600

Request headers

Accept
*/*
Referer
https://uqpays.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rleHWfDzGbPo8AbQJIRq9nZmSDROMPDZlIFoU2CpC1iQaMHW%2FRBRfWd6hGhwnaqQuV%2FaUb1ealUjQiJQmaon%2BoT%2FZrWPqo%2Fe040yOXsLdLdoWE%2FKHhDB"}]}
content-type
text/html; charset=utf-8
cf-ray
61efb061dd582c36-FRA
cf-request-id
0829ac912600002c3643b1d000000001
getpayvideos.php
uqpays.xyz/ 		147 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uqpays.xyz/getpayvideos.php?rstr=0.23572185068388785
Requested by
Host: uqpays.xyz
URL: https://uqpays.xyz/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:360f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
7ef7530aa902e7b1a0356a67c9dac623fefe6e37b485604b99a26917ed960611

Request headers

Accept
*/*
Referer
https://uqpays.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:35:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aD8y4bSIs%2Fe%2BWx3TpJzXjQFMVkvSMZoouhDg%2FFqoru8vODPC93Uf4r6vc8tLNYb1HfvlNjX2Id83GFcYG96FopGCt4mwzmYoaah73T3iO6LcFeaMT39z"}]}
content-type
text/html; charset=utf-8
cf-ray
61efb0811ff82c36-FRA
cf-request-id
0829aca4ad00002c364f103000000001

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap function| Popper function| trim function| strpos function| hideerror function| showerror function| randomint function| postform function| postformwithoutchecking function| doerrorfunction function| dosuccessfunction function| doselect function| setcookie function| getcookie function| erasecookie function| getuserhost function| logout function| shuffle function| copytoclipboard function| getvalfromjson function| geterrorfromcode function| focuserrorfield string| errorcodes string| payvideos object| imgs number| imgpos function| getpayvideos function| getlastpayments function| redraw string| regim string| oldhtml number| id_projects number| moneycount number| sessmoneycount function| signup function| signin function| test function| doregister function| dologin function| dowritemess function| errorfunction function| successfunction function| clearerror object| easyXDM object| uLogin object| bc function| receiver function| redirect string| _0x23e7a94387dcba object| _0x1777 function| _0x12cb

2 Cookies

Domain/Path Name / Value
.aliexpress.com/ Name: xlly_s
Value: 1
.aliexpress.com/ Name: cna
Value: 2cOpGJLXFCYCAVJmE4gf5SBP

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn3.caltat.com
counter.yadro.ru
flashdeals.aliexpress.com
s.click.aliexpress.com
sonar.semantiqo.com
udpays.xyz
ulclick.ru
ulogin.ru
uqpays.xyz
148.251.41.166
23.45.96.43
2606:4700:3030::6815:360f
2606:4700:3034::6815:106b
47.254.143.107
80.87.202.200
88.212.201.204
95.163.118.168
0834b8d7e1b78139f9112a259bdb0e09947adbbfe089453def6e20c5dee9c600
20b87b6d9a14fa62b247961db92490addc51b32a394d19ec83dccdd132cf81e3
21ea8a9ed8ed051392861c6645048db42c34cd46f0f046901136d4d43828daa5
24f92168e4c2875c3d83f5b8d042bb2383a8ec28b574a884627891ef6159af04
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c1cc54f2da19fc3b24bca7aab5e4cd67c249073a570072df4fa27d223a5d492
2fe63d431094210c8dc23a574ffcf610d6ce97e9f62fcb51be179e066e8f51ef
387a9f338f15a1f4f313f45fc8f756f1cfd24ef01fec14af8f1371031e00c62e
428e2ae3549a8bd0142419fcfcd1df808e78f622c27b246dc321f1c73bb61f89
5c1f0f967dde44dc4397b81c8f3ec4da8e52f80277a9dca281757c2314813547
6338511e39087a8a8351ffbb72d87f1f13be01f8c106e5c7eb7e23a9c19622fa
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
735109ba23330ad9e8602b6e27e658bd12e36f2616b7ead65bd908d553b2acda
77399ff66d9cb4fa856689941e4f315e429e6db45c9755b40ea9503bd07701ac
7ef7530aa902e7b1a0356a67c9dac623fefe6e37b485604b99a26917ed960611
8eb2293cd13005eaae174189c86922af2d40fee9d21b309568bcbc96c62cb3d8
95396c9f13456505992b15bfa46f4bfb82dc7428dea1e7969366bed2fb49b91c
98daa73f831b71d2de9b894bae45de79c839e0111f7355c0f5375a5a3d8799a0
a0c2570f2e98e1ee86c5ad02660351a47b0541c6d51d9ac927ce0c3ab06620a4
a27c10012a7342a9413e0822281b0d97f7d2d3bd92212ccb942ea1e04e606ba0
a2f80a19cd3f09a8630aecd4860c684b80fd52f0986150ec390d8f2e3374d63f
b1e78ed98f7111d6a115d73d2c604f5c1ef65ba9b01713ca47d914de0d22b351
cbd384975c74c5a8fcd611e75a7c44567ffa32a4493f8139883ebcf5748fe69b
ccdb0d76bc64c3c03c56926547f9dc157ebc06bc3faa5c76e72b14b6227e1e41
d266749c44ceeff46640791d95ac98cbf2ee3cdf67f97cbeccbf26def7d8523a
d278d834a588ae05a47b304541ad68b23976bcfb7ba551eac251935cbeb6c347
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d8106777ab26efc28f786a1345bd411a4a0a10da738b691e3f4deea96d3c3c3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f40a79d79c88c1bb927ec0e40c5d044f838f0a2c48d820b3e8449e92a71d02d6
f9e0d5f509ffc74ac490962fadcf7dd4c9ed9d62a8b0559c32d35826391d66ab