Report - send.cm/d/4udp

Report Overview

Visited public
2023-11-19 07:53:22
Tags
URL
send.cm/d/4udp
Finishing URL
send.cm/d/4udp
IP / ASN
172.67.70.55
#13335 CLOUDFLARENET
Title
p4w2grbwdd1u

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
send.cm	338619	2019-03-18	2019-08-16 11:13:47	2023-11-18 12:52:39	15 kB	1.3 MB	104.26.1.171
walker.send.cm	unknown	2019-03-18	2023-09-07 08:45:04	2023-11-11 22:31:45	1.3 kB	23 kB	104.26.1.171
adiingsinspiri.org	unknown	2023-11-08	2023-11-15 08:36:02	2023-11-19 08:24:05	1.4 kB	2.6 kB	65.9.55.116
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-11-19 05:11:35	420 B	414 B	52.59.122.145
dismantlepenantiterrorist.com	17847	2021-11-01	2021-11-01 22:12:12	2023-11-18 00:03:26	745 B	0 B	0.0.0.0
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-11-19 08:24:05	820 B	104 kB	188.114.96.1
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-19 05:19:38	395 B	86 kB	172.64.99.2
evidenceguidance.com	unknown	2023-09-27	2023-09-27 03:53:01	2023-11-17 09:08:31	458 B	1.1 kB	192.243.59.20
setitoefanyor.org	unknown	2023-11-08	2023-11-17 20:20:45	2023-11-19 08:24:05	988 B	1.7 kB	188.114.97.1
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-11-19 07:56:46	3.6 kB	11 kB	142.250.74.109
d2dkurdav21mkk.cloudfront.net	unknown	2008-04-25	2023-04-15 22:09:18	2023-11-10 21:28:32	1.1 kB	170 kB	54.230.241.157
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-19 07:26:43	340 B	942 B	54.230.218.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-19	medium	dismantlepenantiterrorist.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	send.cm/lib/bootstrap/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-05-08
Pretty URL send.cm/lib/bootstrap/js/bootstrap.bundle.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 06:28 Times Seen5191 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	send.cm/static/js/clipboard.min.js	ScriptElement	9.0 kB	2023-03-07	2025-05-09
Pretty URL send.cm/static/js/clipboard.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41 Last Seen2025-05-09 21:10 Times Seen795 Hash ad98572d415d2f2452845a6068a913c0 6674f81dd01c76be986cf0a8172d1073e56d7ef4 baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1 Loading...

	unknown	ScriptElement	70 kB	2023-11-16	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 06:21 Last Seen2024-08-20 19:20 Times Seen15 Hash b372fe657729ece620fda3cc9324c0df 0aefd07be01c564214b0a4b690d6863e91887b4a 131d4a3b42cd3bcc8aab9c59e93c2c20a2311172ee630f972ee7b4a87813c981 Loading...

	send.cm/d/4udp	ScriptElement	774 B	2023-09-09	2024-08-21
Pretty URL send.cm/d/4udp IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-09 11:34 Last Seen2024-08-21 07:14 Times Seen43 Hash a8734a75e65c8c65207033535f3b9cdf 47124c635ebbeebc206778bda4055cf8aafd149a d3f740850f3c2c5e1ba96783869ef33ac4b3685a9754e213ebaa586be5ac0f4c Loading...

	send.cm/js/share.js	ScriptElement	329 B	2023-03-07	2025-01-01
Pretty URL send.cm/js/share.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-01-01 04:31 Times Seen386 Hash e38522ef9b2fe6940894f9f35a29f407 d5227e21fbae55e23bd87bf084a4049e797d0775 59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208 Loading...

	d2dkurdav21mkk.cloudfront.net/?rukdd=984022	ScriptElement	168 kB	2024-08-20	2024-08-20
Pretty URL d2dkurdav21mkk.cloudfront.net/?rukdd=984022 IP 54.230.241.157 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 18:49 Last Seen2024-08-20 18:49 Times Seen1 Hash a9196a427dc14cee9d8bfbef91b18a64 f6dd4e1b51537b803dfde8cde0128b3915724e17 ef35abbf4d0f37bd89af72ebb2f704880f618b88abe6d6ad5b2a3aeb662573ed Loading...

	send.cm/lib/feather-icons/feather.min.js	ScriptElement	66 kB	2023-03-07	2025-05-10
Pretty URL send.cm/lib/feather-icons/feather.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-10 00:24 Times Seen151 Hash 44dee7fbafd7dc2404fa62713a8398c2 34f8691360e3548d1c9c18534cb0ec38b5c63154 a90582369e8cfed7b41dca4758e2fbe09fccf55b89f0cd0b7d46efd0745db831 Loading...

	send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-10
Pretty URL send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 10:22 Times Seen31252 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-11-19	2023-11-19
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-19 08:53 Last Seen2023-11-19 08:53 Times Seen1 Hash e62f6dee864765e9c5e58cac315c292e af6c02de078ed44ebd08a51c991b5daf34de8420 4dd98d54a65acbeddc3ca67ea42149cca7bf871ecc55bece0868cf5ecd92f72f Loading...

	unknown	ScriptElement	258 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:17 Last Seen2024-08-21 09:31 Times Seen59 Hash 142706d0b3bdf389d89ca29074552cf4 30eb7f76871c57befd3689498c3786aa35bc0729 8dfddd06ce7e1a1eb0cc9c570c85b6f73a734e01e25e756d4625e69fcf98dd02 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 18:49 Last Seen2024-08-20 18:49 Times Seen1 Hash 7d06ba564f36104534361122081f688c 45368eb87f0b79228b7002e7d935ae98fce81a43 fe7144e2760f4dbdf70081f5b7f3ec3f30e0e1dd25eb0c09e5ae900c08e574de Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-11-19	2023-11-19
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-19 08:49 Last Seen2023-11-19 08:53 Times Seen2 Hash 4a617a88090007e4f337a696a7ed00a5 c78db6fc02e4bf2bf67979dcc2c85424d5294be0 c7538e968a2dde36796f8834b5c9de79c7a0d0cf0fe35e689e678969308c5005 Loading...

	send.cm/static/js/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-10
Pretty URL send.cm/static/js/jquery.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-10 01:53 Times Seen879 Hash bdce12c949e78d570c8d44e9c2b23508 9afdc4fec954646bd6270caf82f107fdef605bc5 c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.99.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	walker.send.cm/s.js	ScriptElement	66 kB	2023-03-08	2025-01-14
Pretty URL walker.send.cm/s.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:25 Last Seen2025-01-14 06:56 Times Seen252 Hash e5461eb0cef4256771e360d6306c3033 f31a23f1e2d15a7a03992010c359833efba3e6b8 78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a Loading...

	send.cm/assets/js/dashforge.js	ScriptElement	2.3 kB	2023-03-07	2024-10-04
Pretty URL send.cm/assets/js/dashforge.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:15 Last Seen2024-10-04 10:18 Times Seen131 Hash 6ede26a7d7238a4ed67bcbdb67b30bb6 581c80a8cfec9844478e3b99b7774221c78d2be9 ccc7d942a1cfa3c238044a4885889799d7b215b5b29b2c48f5db28bececc2040 Loading...

	send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js	ScriptElement	18 kB	2023-03-07	2025-05-09
Pretty URL send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-05-09 21:58 Times Seen1997 Hash 4a10bcfa0a9c9fa9d503b5a498cac31e c4f6c403e99fb37cb496c3844b332823db7c5837 a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634 Loading...

	send.cm/d/4udp	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL send.cm/d/4udp IP 104.26.1.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 18:49 Last Seen2024-08-20 18:49 Times Seen1 Hash 2bec40a2ded435c890fd6e1ed19b4285 e6d2b4be3ce11a228e1bf5516679d075d762fea7 8ca615ec795bd1336042cd59c007af10b228d48200c0def20a4a73c3a06be7f8 Loading...

HTTP Transactions (46)

URL IP Response Size

send.cm/qr/P3L1

104.26.1.171

200 OK

341 B

URL GET HTTP/3
send.cm/qr/P3L1
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
PNG image data, 135 x 135, 1-bit grayscale, non-interlaced\012- data
Size
341 B (341 bytes)
Hash
18333a55f278f6cd9387616798e581b9
9a23aada7c9dded3c8ded48aba301f57136a28ed
126efaf9a0642a67d9be05174c1a67af84bac25f877ee4b7349c80c8a084433b

HTTP Headers

GET /qr/P3L1 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: image/png
content-length: 341
content-transfer-encoding: binary
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FV6CIrEq6EoxzjnHlql96u%2FP2pdgR9M2aGNXmTYsZKNy1tC377%2FdpLao7s8q9IiCYqmU6aG76ivRhaUfAFy%2BxlF3ekExnoPda%2BF8DWhIC533rQx9pxElKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06ee6b50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff

104.26.1.171

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Size
82 kB (82076 bytes)
Hash
dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Sat, 11 Nov 2023 16:42:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 2181534
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzK4Jsk2FSTptgzankeD9F4%2BSga%2FvQrJdBjin6D79VOMcw5O3D9HGWcnp4aAi6vSLy2uxKDeZHUfV8o8WEhrZbCHq6CA69DpyEN7Ld9C%2BlC6fBjk1yUuTpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a16f68b50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff

104.26.1.171

200 OK

77 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Size
77 kB (77420 bytes)
Hash
2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
vary: Accept-Encoding
etag: "5f6356a1-12e6c"
expires: Sat, 11 Nov 2023 16:43:34 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1912095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4ltmcYNS1tryxJ4YIdpu6w8qIVQiwf6XpxS7KA%2FL9QdfKA5yyy4VpkdOkS4PmAN7IjMjEjOxdksGNFUFZaxqeHAGit3yZqOneaIgDeZFQ4UMXRhmOQxoDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a16f6fb50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff

104.26.1.171

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Size
82 kB (81760 bytes)
Hash
220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-13f60"
expires: Thu, 12 Oct 2023 16:43:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 2168404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p06lRp1CDofMZdbL8zku6Rp6gsZedZPkymYJ7N8KvJGYmGRfnwAmfbD37iZKC1niDJ3lQstEAlQnT%2F4ZKD34aHZNdpRxQH%2FXUrtb69%2Fma44VB%2F5RX72F9GY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a16f70b50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/d/4udp

104.26.1.171

200 OK

86 kB

URL User Request GET HTTP/2
send.cm/d/4udp
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (53095)
Size
86 kB (85467 bytes)
Hash
6843b00b34ab7d132b1fde467052b0ff
9b34028bff3ed08e11513d4eaf3dbcc37d3e0d16
3c6d1463537caaf29349c4d73749154a182c94b750b6333da0b54bcdc394247f

HTTP Headers

GET /d/4udp HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Sat, 18 Nov 2023 07:53:05 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnRy08nbhBePpiw%2FTPNzF8GEuZ4sznf3gC2bywbM9D9lOtGWgeC86cuZ7uS0VjcbpGO2gvJCJYWIBVGXVU8tCOG97DeDdzbmV8TNRuLAMgXZ93MAzO76U7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: aff=26154; domain=.send.cm; path=/; expires=Sun, 03-Dec-2023 07:53:05 GMT
lang=english; domain=.send.cm; path=/
c_7hyj5tegwm4sd1=p4w2grbwdd1u; domain=.send.cm; path=/
__cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; SameSite=None; Secure; path=/; expires=Sun, 19-Nov-23 08:23:05 GMT; HttpOnly
server: cloudflare
cf-ray: 8286e0976988569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

walker.send.cm/s.js

104.26.1.171

200 OK

22 kB

URL GET HTTP/3
walker.send.cm/s.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (63519)
Size
22 kB (21801 bytes)
Hash
e5461eb0cef4256771e360d6306c3033
f31a23f1e2d15a7a03992010c359833efba3e6b8
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a

HTTP Headers

GET /s.js HTTP/1.1
Host: walker.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=65842
etag: W/"10132-602c8b81f787d"
last-modified: Sun, 13 Aug 2023 07:16:06 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 5704
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXefO9BavZEGDKlQKbV3SinTCbruLk8gNGbFJhPIim6IyWYldOiNg3ofOwWvz9l1hbVOsoZq2ofqA%2FszPeqMguxDcy707bTE9dJSXCl0LZl%2F0Ae3pxdHtfFK5U982iK%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0a16f71b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/css/auth.min.css

104.26.1.171

200 OK

74 kB

URL GET HTTP/3
send.cm/static/css/auth.min.css
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (789), with no line terminators
Size
74 kB (74513 bytes)
Hash
f095cdbc5703353ae870aa6fd1504bb8
395b5898fde4cb72dc30e7752bde4e68317fb299
d7091a28d7048b34315acc78d543eb1181751aec851df73f83da7d3b07081116

HTTP Headers

GET /static/css/auth.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: text/css
last-modified: Tue, 23 Mar 2021 17:04:40 GMT
etag: W/"315-5be372d95fefb-gzip"
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 08:05:58 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H3wHSu%2FItiMn8vQr8FGc0pPWC592SI%2BztAQgA4SKhlBcyQ6%2F0u%2FuB%2Bnsxqg8So9BPBMPMHFs9SlBk5u1%2F4chXOck4ge4oh1S0qvQCwQSX5mXNQbGLI4kvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06ee2b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

setitoefanyor.org/NUNwMkcafBNBelYVGAcJcHIxUxIFABV3EUESIQN2Zy4EeQZbLFZGLlF+SQpzBXFCFDdcJ00DYUY3EUYyRn5BFC5bJR8PYUN+QRx0AW1DBmkFZQUPdhM3AFMgCHJWQjNBL00DcAVzQwp3BntHAnEN

188.114.97.1

204 No Content

0 B

URL GET HTTP/2
setitoefanyor.org/NUNwMkcafBNBelYVGAcJcHIxUxIFABV3EUESIQN2Zy4EeQZbLFZGLlF+SQpzBXFCFDdcJ00DYUY3EUYyRn5BFC5bJR8PYUN+QRx0AW1DBmkFZQUPdhM3AFMgCHJWQjNBL00DcAVzQwp3BntHAnEN
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /NUNwMkcafBNBelYVGAcJcHIxUxIFABV3EUESIQN2Zy4EeQZbLFZGLlF+SQpzBXFCFDdcJ00DYUY3EUYyRn5BFC5bJR8PYUN+QRx0AW1DBmkFZQUPdhM3AFMgCHJWQjNBL00DcAVzQwp3BntHAnEN HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 19 Nov 2023 07:53:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc%2Fv0mx3tnQUuuv3VTw%2BrXitDUmA5g8XoYkVj6%2B4rt58CqYH4TgLQZmy5e8fyjUkd02vBxkLD9w%2Fj9RptGgaHrWHAjW2d3QtKOoz%2F2bXf9ohLtoGUjoc%2BL6BI2J7mLyZe%2BT4Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a2dd075691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

adiingsinspiri.org/WmRIREs7BispdDtZKmI+KAh1YXkcQXoCL2gAIzE5PgU+dno3DyNqKDYLPSAtKAsmMGU0ATxheRwuBwE7aTEfdSkQNiN3HjETIgF5IjEJDH4SPXl8LhMlGWF5GCV4LHgUNRl8CCADIAYyAyoFIwY/K3lxfQ83HRwTEgAAIDwcPgIGCSk3eXQgHCMwJwMzFxwJehspKgUGMiUkCngSIAUIGDAtBwsjKjQEEg4xIAkRJR0nOwEdGT0fIA1jQXoGLWsIIBcKKlIQPSc5Jx99Dh9ULw8uMhd8BXtqHR0pBT41AA4JHgg7CSlqNRwXCipSChcvEyc/MAwDMhkTLjZJfXQTLQM8ASETIx52chwieXwCP1QsLBMbDH8RJhQAEC0GHCoJMBMXCAIuAC0IfxYlYwAALnIRPQliISkLJjR2GDEZdzkMMgNxMy4rHiJ7

65.9.55.116

200 OK

1.2 kB

URL GET HTTP/2
adiingsinspiri.org/WmRIREs7BispdDtZKmI+KAh1YXkcQXoCL2gAIzE5PgU+dno3DyNqKDYLPSAtKAsmMGU0ATxheRwuBwE7aTEfdSkQNiN3HjETIgF5IjEJDH4SPXl8LhMlGWF5GCV4LHgUNRl8CCADIAYyAyoFIwY/K3lxfQ83HRwTEgAAIDwcPgIGCSk3eXQgHCMwJwMzFxwJehspKgUGMiUkCngSIAUIGDAtBwsjKjQEEg4xIAkRJR0nOwEdGT0fIA1jQXoGLWsIIBcKKlIQPSc5Jx99Dh9ULw8uMhd8BXtqHR0pBT41AA4JHgg7CSlqNRwXCipSChcvEyc/MAwDMhkTLjZJfXQTLQM8ASETIx52chwieXwCP1QsLBMbDH8RJhQAEC0GHCoJMBMXCAIuAC0IfxYlYwAALnIRPQliISkLJjR2GDEZdzkMMgNxMy4rHiJ7
IP
65.9.55.116:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/4udp
Certificate
IssuerAmazon
Subjectadiingsinspiri.org
FingerprintF1:71:03:4D:5E:75:1B:A9:AB:5F:04:38:5F:1A:B1:DB:D9:D4:85:4C
ValidityWed, 15 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Size
1.2 kB (1180 bytes)
Hash
4f57fe1e9d07a178ca34f67e76983934
78ad5de744e1b6c4a5c032859f365907248aa72d
88a59ea4c8bd3809537724caa78583deecc614e346d35ead9a6df3b4df23dcf1

HTTP Headers

GET /WmRIREs7BispdDtZKmI+KAh1YXkcQXoCL2gAIzE5PgU+dno3DyNqKDYLPSAtKAsmMGU0ATxheRwuBwE7aTEfdSkQNiN3HjETIgF5IjEJDH4SPXl8LhMlGWF5GCV4LHgUNRl8CCADIAYyAyoFIwY/K3lxfQ83HRwTEgAAIDwcPgIGCSk3eXQgHCMwJwMzFxwJehspKgUGMiUkCngSIAUIGDAtBwsjKjQEEg4xIAkRJR0nOwEdGT0fIA1jQXoGLWsIIBcKKlIQPSc5Jx99Dh9ULw8uMhd8BXtqHR0pBT41AA4JHgg7CSlqNRwXCipSChcvEyc/MAwDMhkTLjZJfXQTLQM8ASETIx52chwieXwCP1QsLBMbDH8RJhQAEC0GHCoJMBMXCAIuAC0IfxYlYwAALnIRPQliISkLJjR2GDEZdzkMMgNxMy4rHiJ7 HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Sun, 19 Nov 2023 07:53:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ej2wdZ3KnIrLY5XZ8V4TrhX6geyVoQKSmlciTSgS-VoLXDBVISfTvg==
X-Firefox-Spdy: h2

send.cm/assets/js/dashforge.js

104.26.1.171

200 OK

631 B

URL GET HTTP/3
send.cm/assets/js/dashforge.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (366)
Size
631 B (631 bytes)
Hash
6ede26a7d7238a4ed67bcbdb67b30bb6
581c80a8cfec9844478e3b99b7774221c78d2be9
ccc7d942a1cfa3c238044a4885889799d7b215b5b29b2c48f5db28bececc2040

HTTP Headers

GET /assets/js/dashforge.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=3370
etag: W/"d2a-5d2f044f765a3-gzip"
expires: Sun, 19 Nov 2023 08:03:56 GMT
last-modified: Sun, 12 Dec 2021 10:17:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdauR42Bn1N5f9sB0lfyCVqUc9OiIPnsxpiuZHiRU%2FTVI9QYdTfBFatIbklIHRfJ5YHwik7MSHftgyUw%2FCQz9%2FNMCeHKEYu6p6UYIjSwGmogBSb5n0efUiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a07ee9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:l4yJc1OTXIq9KRIV6NcTXFaptywbSQ:3lXdSKLHjOvfrCb7; Expires=Tue, 18-Nov-2025 07:53:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyXm4TeAojylvGqu8vlltcSiuE4nBjRNK1nahkG0Om0D6-QEZOLk8PeJ3ST1Yzm_93h4P8Z
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-3MtBXHZUccA_ktaQ3qTmTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

send.cm/static/js/clipboard.min.js

104.26.1.171

200 OK

3.2 kB

URL GET HTTP/3
send.cm/static/js/clipboard.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Unicode text, UTF-8 text, with very long lines (8941)
Size
3.2 kB (3206 bytes)
Hash
ad98572d415d2f2452845a6068a913c0
6674f81dd01c76be986cf0a8172d1073e56d7ef4
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

HTTP Headers

GET /static/js/clipboard.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 14 Dec 2022 18:00:20 GMT
etag: W/"234a-5efcd82834534-gzip"
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 07:59:10 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMtCUA0CuHoVCZEFP2GnFwpmj0XKhtsEZXHWf2WJBjmsOK1p7BR%2FvR9Puyjm9GEZcvAxkr7IxWwVZODYP6EI3VW2t7lNh9%2FdKxlGh5A%2B2YFDNIZ4OeEKBus%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a2f855b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d2dkurdav21mkk.cloudfront.net/JOEp3UW1bJRk3UkwjE2xUAH5HY18eIAQ+A0h3NQQ8CzghByYNMgMeO156USUXXHdHdwFZJBBsS10kFGxcHisTM1AMbAMhAlN3HDMLSjIOOhpPLVEkDAUnGCsEVCYWdF9+f1lhSAp6XylcCW9EE0gKehs4A00yUmNdQHJBDlsMb0QTSAp6BSdICwtGYVQWel-50XwgtEjIGV29FF18Ie0dhXAh7UmNdXiMFNAtXMlJjKwl7Rn9dHj9KYA

54.230.241.157

640 B

URL
d2dkurdav21mkk.cloudfront.net/JOEp3UW1bJRk3UkwjE2xUAH5HY18eIAQ+A0h3NQQ8CzghByYNMgMeO156USUXXHdHdwFZJBBsS10kFGxcHisTM1AMbAMhAlN3HDMLSjIOOhpPLVEkDAUnGCsEVCYWdF9+f1lhSAp6XylcCW9EE0gKehs4A00yUmNdQHJBDlsMb0QTSAp6BSdICwtGYVQWel-50XwgtEjIGV29FF18Ie0dhXAh7UmNdXiMFNAtXMlJjKwl7Rn9dHj9KYA
IP
54.230.241.157:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (883), with no line terminators
Size
640 B (640 bytes)
Hash
7723b488bfaca0c9ad2837f03651341a
1c60501ed7ca2d1cc7a62a754126e3c79291747a
8137edd1d81d3792358c7ef6e5dd93532bb075db412d5691caf2c5cc43d4151e

HTTP Headers

GET /JOEp3UW1bJRk3UkwjE2xUAH5HY18eIAQ+A0h3NQQ8CzghByYNMgMeO156USUXXHdHdwFZJBBsS10kFGxcHisTM1AMbAMhAlN3HDMLSjIOOhpPLVEkDAUnGCsEVCYWdF9+f1lhSAp6XylcCW9EE0gKehs4A00yUmNdQHJBDlsMb0QTSAp6BSdICwtGYVQWel-50XwgtEjIGV29FF18Ie0dhXAh7UmNdXiMFNAtXMlJjKwl7Rn9dHj9KYA HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adiingsinspiri.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 640
date: Sun, 19 Nov 2023 07:53:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W7v4vM7YPl7Uj1dENcxFh-XKDJTpxgx380PHVHFkxZRNQYfyLi45og==
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzaiMAT2RU934as3vG3pm9PT_mY3hWUpJ1y0aHFyFdkKJXR4nBHNHBCQprXTBg01-srCVFA

142.250.74.109

302 Found

403 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzaiMAT2RU934as3vG3pm9PT_mY3hWUpJ1y0aHFyFdkKJXR4nBHNHBCQprXTBg01-srCVFA
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (397)
Size
403 B (403 bytes)
Hash
c34d57c2e52cc49f9db499646b279c80
8a1132f1979db4c53560acbec063d1099ba61a12
31ed8106cb9afc8c5d2ed2cd634f557684e68e7d54ab24a68845a8a8696e7051

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzaiMAT2RU934as3vG3pm9PT_mY3hWUpJ1y0aHFyFdkKJXR4nBHNHBCQprXTBg01-srCVFA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:LUWYEp3_VuRHVJVVfYKEpFZ2dlrw1g:GF9wOmusYT4_aV_q;Path=/;Expires=Tue, 18-Nov-2025 07:53:06 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxDuSoBkv-jpsNuQCKjZcW8qvsgqyk5VZp91FQqwPVkyUXLs8XvoBH_y2-76ekWkd8A7q04&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-955869855%3A1700380386254585&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-KRd10rJtWAf2LFGGkSkJ1w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 403
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/8286e0976988569b

104.26.1.171

200 OK

82 kB

URL POST HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/8286e0976988569b
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
data
Size
82 kB (82077 bytes)
Hash
8e6db44af4f0ecab8f15efb38b183689
112cfd1710a06cae8f2c8af1d4bcc1cb37b48db1
cc07bda115bb0ef8361eda610ebc480d17d976994acf453a5c10b2b1d855a315

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8286e0976988569b HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12168
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=Ll.o8LCr..8DX.NARttb6F7rtvmyYmdjgI.cef0WlRI-1700380386-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1700380386; path=/; expires=Mon, 18-Nov-24 07:53:06 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLKVP62UkEQKwEzui4kg3MpmtFQaL6w%2FBjlOPLKsbrFHH9rmjnt47ZEWyFdXRj%2B0IUA3fRwSVWw3LUgVPiHTaIkloJTLugzOw8%2FOk1bfDnwCzLH4HGyhbRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a5da52b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff

104.26.1.171

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Size
82 kB (81760 bytes)
Hash
220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1; cf_clearance=Ll.o8LCr..8DX.NARttb6F7rtvmyYmdjgI.cef0WlRI-1700380386-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1700380386
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-13f60"
expires: Thu, 12 Oct 2023 16:43:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 2168405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HqemmgtJriKa5OI4k%2FHQbZvZDc%2Bq0DMY9fJ1DN3icVp7Lzm34apIvqR15fqvvbtywyhiKBlSp%2BjupCPbLS7h0Wu%2FoVutEBK0e5LdnexkdxHkAVdaQij5ts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a66ab4b50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff

104.26.1.171

200 OK

77 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Size
77 kB (77420 bytes)
Hash
2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1; cf_clearance=Ll.o8LCr..8DX.NARttb6F7rtvmyYmdjgI.cef0WlRI-1700380386-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1700380386
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
vary: Accept-Encoding
etag: "5f6356a1-12e6c"
expires: Sat, 11 Nov 2023 16:43:34 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1912096
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QyrDJ%2BqPj%2F2hxuB1RNd7p3W7sUpZmXfWRomTAuFYqDbxClDQgk7RFXhk%2F9kOyeSa6i81bb%2F9dJigsy4utFCwu2rlYQcFIKNWfNYbtnWN0%2BFEKkrCTKuZcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a66ab2b50f-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyXm4TeAojylvGqu8vlltcSiuE4nBjRNK1nahkG0Om0D6-QEZOLk8PeJ3ST1Yzm_93h4P8Z

142.250.74.109

302 Found

402 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyXm4TeAojylvGqu8vlltcSiuE4nBjRNK1nahkG0Om0D6-QEZOLk8PeJ3ST1Yzm_93h4P8Z
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Size
402 B (402 bytes)
Hash
17081173bfe89f8d6da6d63348f45f85
c816ec0e0c649717cc2408285bcf77e78a9924d3
b5a8a955726fb1f0587a84133df1e7e877feb4d91a1895b1fae92962331becee

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyXm4TeAojylvGqu8vlltcSiuE4nBjRNK1nahkG0Om0D6-QEZOLk8PeJ3ST1Yzm_93h4P8Z HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Bu-QCQiPkYJHCAjEc4MhV_NosCo56w:Q8SwU1CJflXP90Ed;Path=/;Expires=Tue, 18-Nov-2025 07:53:06 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyI7RSwLVAPUFnj5z3GEw5wLJb9tjag48l1pJM1jvT5kcZ4Zh1skOo1gTrgatScSSIJ7BIttA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1827844584%3A1700380386297577&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-01M-RIUMX70Vip9lkHxZ5g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 402
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ac432db9579ca2482e214aa71f85e901
f1d2ee642220e945927109b3b5c25c1c0d794126
7239d6b0f2c1bf8fa7be7b53868153779a8a88d94f6b8a20a2eadea12be92ae6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 19 Nov 2023 07:53:07 GMT
Last-Modified: Sun, 19 Nov 2023 06:26:45 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NXQT0Lzy_UCvbIMqTSLAZKEs3H97LPogVek7FSyrMm0LArybCjRe8A==
Age: 5182

professionalswebcheck.com/stats

52.59.122.145

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
52.59.122.145:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/4udp
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9f79f42cac3a0e013215d1f5c9afa438
ca31fb69bd2c676acb2a4cc65d7804974ad93e91
e9a18154214fe4fdf8a19f85985fa9dd9ccca6556d442d5aeaff78ef5b53a980

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:53:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3dcf6758-0124-4e9e-aac5-261df4875545:2:1; expires=Wed, 16 Nov 2033 07:53:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

setitoefanyor.org/popunder.gif

188.114.97.1

200 OK

439 B

URL GET HTTP/3
setitoefanyor.org/popunder.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
439 B (439 bytes)
Hash
9a743ba0c373a3872a68641cff02a9c7
347adcf9ee0842b013443725b3a24ba287f01a1e
00326007ff7935d99326981360a03a585bdfa58da013daed04a33d2d7280bba5

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 131737
last-modified: Fri, 17 Nov 2023 19:17:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAp7B9OtoFcM9gwxOomoo24rDIOCPpMYgdAZel9eeCzjSUFIh2G4gss69PORXL7jjEadYte%2Bp7EJEQRPANMsz4mnVLF98DTzOMaukYQje6%2FEIhcvh1pPyJnCCMCpZEtmDCzNsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0aa3c0bb4ff-OSL
alt-svc: h3=":443"; ma=86400

send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

104.26.1.171

200 OK

74 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Size
74 kB (74256 bytes)
Hash
418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: font/woff2
content-length: 74256
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: "12210-5ae64b14b0680"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-control: max-age=259200
cf-cache-status: HIT
age: 5704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wny0GAW7DDGjv301iA4CE7PIbAx2FF8W4SEdlCrx3VObHmd8nEwac6KL8MkbiSqD%2BktFguI0dSI%2Bb1H%2FvrS1ByU48EmbhUMURyn89ToXSZRs8PGG%2BuKxyI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0a30861b50f-OSL
alt-svc: h3=":443"; ma=86400

send.cm/favicon.ico

104.26.1.171

200 OK

65 kB

URL GET HTTP/3
send.cm/favicon.ico
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 64x64, 32 bits/pixel\012- data
Size
65 kB (64686 bytes)
Hash
22dab3b36a487940c539e179b7edd7ea
ad1d193daab9eb56c4d27b10e0f0638307c262cc
b64c225956915ee8b619ea190276ebe838880d3a16793a5614487e8be5b5d3bf

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: image/x-icon
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abcb-fcae"
expires: Sun, 13 Aug 2023 21:41:26 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 2160091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC3Y%2F62f75XPUI4168Z0U7B3aLSSUSIfY5fJIQwzXvb1R0kPG7NhIB75CrlCo6oV5XWuAIxVabUfhhR0z%2Bj3LxpywFTL0k2si21rZ%2BWPoD9z7UDuFIA06zI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a3e913b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

adiingsinspiri.org/utx?cb=Mfprdec9DXT4&top=send.cm&tid=984022

65.9.55.116

204 No Content

0 B

URL GET HTTP/2
adiingsinspiri.org/utx?cb=Mfprdec9DXT4&top=send.cm&tid=984022
IP
65.9.55.116:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/4udp
Certificate
IssuerAmazon
Subjectadiingsinspiri.org
FingerprintF1:71:03:4D:5E:75:1B:A9:AB:5F:04:38:5F:1A:B1:DB:D9:D4:85:4C
ValidityWed, 15 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=Mfprdec9DXT4&top=send.cm&tid=984022 HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 19 Nov 2023 07:53:05 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 19 Nov 2023 07:54:05 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: uV-78DPixuOK4W9scro6Pk4p_PmbZwbhZ8dLEivSssCJ8ope45VrqA==
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

104.26.1.171

200 OK

7.4 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7390), with no line terminators
Size
7.4 kB (7390 bytes)
Hash
e62f6dee864765e9c5e58cac315c292e
af6c02de078ed44ebd08a51c991b5daf34de8420
4dd98d54a65acbeddc3ca67ea42149cca7bf871ecc55bece0868cf5ecd92f72f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeJ6TDZ6boz7PFqZtI6391b8SzIizzInvHhssbaTTk4givu%2FXtugU457l3yj%2BVgcgEsv1CYRPDm5EQC772fipcOzawUNNO1%2FCcE3x6HJLmEhVPGSQJLtXRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a40921b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/js/jquery.min.js

104.26.1.171

200 OK

93 kB

URL GET HTTP/3
send.cm/static/js/jquery.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (32072)
Size
93 kB (93064 bytes)
Hash
bdce12c949e78d570c8d44e9c2b23508
9afdc4fec954646bd6270caf82f107fdef605bc5
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

HTTP Headers

GET /static/js/jquery.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
last-modified: Sat, 26 Sep 2020 12:00:16 GMT
etag: W/"16b88-5b0362d29f400-gzip"
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 08:03:50 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPs66AZv4310YUkDfqhXK40zKQRiVdIH5lU34FCfrAzYAq%2Ba205nlScwqAS0nzUyUUuZwEx4bgI1IPJ1Zfa1TGXUkp7CXqW%2FHYAmc%2FUoqIbnRohlBhfdwHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06ee4b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/js/share.js

104.26.1.171

200 OK

329 B

URL GET HTTP/3
send.cm/js/share.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (332), with no line terminators
Size
329 B (329 bytes)
Hash
1d2236286294d62230ccc88e96b5297b
de15f3e22b3e2719f872e47a63b5702c48835a3f
c482daeb5dbeb1b8b60adbd8a47e025cbfe19ea0a0f798d8f77b862781694dbc

HTTP Headers

GET /js/share.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=354
etag: W/"162-5ae64b15a48c0-gzip"
expires: Sun, 19 Nov 2023 08:11:07 GMT
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th4vrVO3XVKI7A7TMhvkwPd0c7oE7qqgu6hn4QIWeRPuzBsNGkIbYX1HD5xrFdQpbQtPDeBJXCBQuF%2FFrQc7t97y0YOaLNAkGxCNK132TSwcvBzeEI1NSpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a2f85ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d2dkurdav21mkk.cloudfront.net/?rukdd=984022

54.230.241.157

200 OK

168 kB

URL GET HTTP/2
d2dkurdav21mkk.cloudfront.net/?rukdd=984022
IP
54.230.241.157:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/4udp
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type

Size
168 kB (168104 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?rukdd=984022 HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 54838
date: Sun, 19 Nov 2023 07:53:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 36bx6Pg4aJq7BGzU4TylMvqUhbTViog-xCDvWoPVH7zOpwvAOobSgg==
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.1.171

302 Found

7.4 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
7.4 kB (7390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 19 Nov 2023 07:53:05 GMT
vary: accept-encoding
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9xKW5vOQ3HtS4rqSjqhhFuvbiPZfLhwFxG0yS01GHRWW50RxcxJls1QbKKzeekl0%2FNE19HlLykqp4tYLbqa40KkBoIIwSy8nPGlBChyXj9m2wIiNhMzZoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a368c1b50f-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxDuSoBkv-jpsNuQCKjZcW8qvsgqyk5VZp91FQqwPVkyUXLs8XvoBH_y2-76ekWkd8A7q04&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-955869855%3A1700380386254585&theme=glif

142.250.74.109

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxDuSoBkv-jpsNuQCKjZcW8qvsgqyk5VZp91FQqwPVkyUXLs8XvoBH_y2-76ekWkd8A7q04&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-955869855%3A1700380386254585&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxDuSoBkv-jpsNuQCKjZcW8qvsgqyk5VZp91FQqwPVkyUXLs8XvoBH_y2-76ekWkd8A7q04&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-955869855%3A1700380386254585&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-WjVolVmjXUIEqvPxG22lzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dismantlepenantiterrorist.com/pxf.gif?uuid=3dcf6758-0124-4e9e-aac5-261df4875545&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=3dcf6758-0124-4e9e-aac5-261df4875545&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/4udp

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3dcf6758-0124-4e9e-aac5-261df4875545&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

send.cm/lib/bootstrap/js/bootstrap.bundle.min.js

104.26.1.171

200 OK

79 kB

URL GET HTTP/3
send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (65297)
Size
79 kB (78635 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /lib/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"1332b-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 08:04:51 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIVo8IPvJQ9Nd38LzL47arEZMKvKfP%2FUissaqaoUHuEJlyW0MLEpiDpYnUOaY%2B6Btp%2FE3T1vPg7U9MCCzPB9IidL3oAOLt1BzuxtT4ilXBHJOeWfP%2FRq1ZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a2f857b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.1.171

302 Found

7.4 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
7.4 kB (7380 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1; cf_clearance=Ll.o8LCr..8DX.NARttb6F7rtvmyYmdjgI.cef0WlRI-1700380386-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1700380386
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 19 Nov 2023 07:53:06 GMT
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEQA4BhWtrR%2BEz664A%2Bb8zvyLB%2BTviT5dNpfTfgHDU837qYvMX%2BviDjP0pSZsZUeIPPNAmnxyg2AnJzYXMKL%2BcoYfhRt1dgYJZitV7jmqCPYZolsqYK8NSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0aa9d49b50f-OSL
alt-svc: h3=":443"; ma=86400

walker.send.cm/s.php?action_name=send.cm%2Fp4w2grbwdd1u&idsite=1&rec=1&r=098778&h=7&m=53&s=6&url=https%3A%2F%2Fsend.cm%2Fd%2F4udp&_id=116195775ed3974d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=UcuCyn&pf_net=17&pf_srv=1169&pf_tfr=32&uadata=%7B%7D

104.26.1.171

204 No Content

0 B

URL POST HTTP/3
walker.send.cm/s.php?action_name=send.cm%2Fp4w2grbwdd1u&idsite=1&rec=1&r=098778&h=7&m=53&s=6&url=https%3A%2F%2Fsend.cm%2Fd%2F4udp&_id=116195775ed3974d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=UcuCyn&pf_net=17&pf_srv=1169&pf_tfr=32&uadata=%7B%7D
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /s.php?action_name=send.cm%2Fp4w2grbwdd1u&idsite=1&rec=1&r=098778&h=7&m=53&s=6&url=https%3A%2F%2Fsend.cm%2Fd%2F4udp&_id=116195775ed3974d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=UcuCyn&pf_net=17&pf_srv=1169&pf_tfr=32&uadata=%7B%7D HTTP/1.1
Host: walker.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/3 204 No Content
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.12
content-encoding: none
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMKxL68HvkUhg0Ye29VgMdhSUw24YSDuhwQjk9myoG3EeVMv42tPHH9J5L7ihkwjuj30t1zURtQDFfKShaCjht%2Bq6UFSnfXVfdDFxL5f2ZaFOZqpCc9FOgASnuIAmRQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a1dfc0b50f-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyI7RSwLVAPUFnj5z3GEw5wLJb9tjag48l1pJM1jvT5kcZ4Zh1skOo1gTrgatScSSIJ7BIttA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1827844584%3A1700380386297577&theme=glif

142.250.74.109

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyI7RSwLVAPUFnj5z3GEw5wLJb9tjag48l1pJM1jvT5kcZ4Zh1skOo1gTrgatScSSIJ7BIttA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1827844584%3A1700380386297577&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyyI7RSwLVAPUFnj5z3GEw5wLJb9tjag48l1pJM1jvT5kcZ4Zh1skOo1gTrgatScSSIJ7BIttA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1827844584%3A1700380386297577&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MW15O4-yza0Pey4fj_s1nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

104.26.1.171

200 OK

7.4 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7380), with no line terminators
Size
7.4 kB (7380 bytes)
Hash
4a617a88090007e4f337a696a7ed00a5
c78db6fc02e4bf2bf67979dcc2c85424d5294be0
c7538e968a2dde36796f8834b5c9de79c7a0d0cf0fe35e689e678969308c5005

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR; _pk_id.1.43ee=116195775ed3974d.1700380387.; _pk_ses.1.43ee=1; cf_clearance=Ll.o8LCr..8DX.NARttb6F7rtvmyYmdjgI.cef0WlRI-1700380386-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1700380386
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlXGDBboTbOI3OT7zTtiW7rvWTCBX3WDfU8n8L%2Bnd0u5X9cEabmuBg4Tqnnk73RCQLhoBYJTvowG3tGEHn73jGw0K%2Fa0jk0NElr65YLwQ0aqh%2BMW%2F7kEROA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0aabd54b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css

104.26.1.171

200 OK

6.8 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7103), with no line terminators
Size
6.8 kB (6752 bytes)
Hash
3a4e6fe620850879f073fbeb7d915969
1ea842aabcf1d80ffd383b84c8da0650baefc68f
5a072970160446a139243170334741139bd414e1285dfd785bd552db7c263f80

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/css/fa.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 10:52:41 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61f7bf79-1a60"
expires: Sun, 13 Aug 2023 21:42:22 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1915820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRfasl0jTqxhAjAof5m02q9qNLp%2BycRfo4hgp6XXdQFmCUMIr0M0c1q8P7jbKwcQVJIovlTMhvRRZNGDLSt%2FpgABqkcWI6ktWFG3m7ZYjp6IBvycv7QCQ84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06edcb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.1.171

200 OK

12 kB

URL GET HTTP/3
send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqSVZBOnMA9IpsRMJ9eBrVKjzDPZw7KDSbu8h%2Fko4yNIqCvEfgX3QAL0DFm4YmLubJ31tZ6T3iLSk9umgkzw7ssR9Vv7Cq9AdgEkeyt0pqOKy18hK6CkRYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0a07eecb50f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 21 Nov 2023 07:53:05 GMT
cache-control: max-age=172800, public
content-encoding: gzip

send.cm/static/css/dl.min.css

104.26.1.171

200 OK

180 kB

URL GET HTTP/3
send.cm/static/css/dl.min.css
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
180 kB (179945 bytes)
Hash
3e85e3b581d51ddba21136119002fc2d
038a7216f7187936b4f4e5bee0975bf44e3e1449
dde25a807ebc087b35d1bbe9b3030ea528a52e414ce29a7894abd937bf67e7c6

HTTP Headers

GET /static/css/dl.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2023 13:24:21 GMT
etag: W/"2bee9-604c4c72211a7-gzip"
vary: Accept-Encoding
expires: Sun, 19 Nov 2023 08:22:22 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBvjM1soCaXmtD8AY3x3xc8F2%2B9svP6MbBhv65bJ5HYJ9SdRjQcgS7nhWXQTsczbm3oUJkrAzM8A2gq215BaDVCQOnCXGOm7KAHGT%2BiVbp89ErgDxilF7%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06ee0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js

104.26.1.171

200 OK

18 kB

URL GET HTTP/3
send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (18216)
Size
18 kB (18291 bytes)
Hash
4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

HTTP Headers

GET /lib/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abca-4773"
expires: Sun, 13 Aug 2023 21:42:47 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 2081010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzOSxr2iwblfmi0PcAGZAzaoHyZEP2M3Y6eZ7IidnspbVDbDnt51wrXN%2FpPCU4sw34w6Sd7i7ksCYldGaym73znhF6ujtMlQqdr68UHWomr3u4vKRrwqWjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a07eeab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/

188.114.96.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
46578149b43809e724484ddfa447a155
bfbf1e661bcc517f67432fa2b28df738ea3115dc
c3aa43ac2b1e5a35e221c860e99ba9b4ac22689f3dd56f5c7652ee0ef4ff7458

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: text/plain
set-cookie: csu=2227990632638775@1@1700380386; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55Isxb6HodUguYUTjuGSO%2Ft51jNaz7j8ZHyvo3lOkaqT5M%2BMoPaUU3MUt9hMHDZc2L%2FfhLzS85LcoirHOLA875KsEbOXrmmGgCHgDMCfWy0wCKRkcFnnh095jknCKzjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a43d541c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

188.114.96.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:53:06 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sat, 18 Nov 2023 18:31:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecAp0N3NJnC8BtPjJnWMZdVrUx5skxgG%2BQuSNHnhPqOP5S%2BCJWH22chtELjSiU6N%2BLoXipMetCfGwaOrH6Ro7Hv5PpbZXp2scFnwasV321a7NyhfH4sMSitY5YuE7AJN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0a43d521c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.99.2

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.99.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 19 Nov 2023 07:53:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 4997306cd7efc78c82914b7204bc1ce0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 19 Nov 2023 07:53:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mGn%2BpJvdckuTlZeTMBQ8Ua%2BQMiJx7pO3CMRTPo3oFa7KZOXHZ5VRyidcNIf%2BI2f%2FrwV1QP2zXl0l9mGc8749miXCn4v9NPADjg4pDaoMg0AFEYH5fShpSR0WIQy43LpFf5L3q0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8286e0b04b16642a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json

192.243.59.20

200 OK

404 B

URL GET HTTP/1.1
evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://send.cm/d/4udp
Certificate
IssuerLet's Encrypt
Subjectevidenceguidance.com
Fingerprint38:01:65:F0:F8:72:F1:97:B1:4C:8B:99:F6:DD:5C:EE:DF:2F:EE:D4
ValidityWed, 27 Sep 2023 00:51:09 GMT - Tue, 26 Dec 2023 00:51:08 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (492), with no line terminators
Size
404 B (404 bytes)
Hash
be855905628bc7fe1e2cdadbfcd4822e
569b52b2bd114cabc31933f8dad4b35d8f93f037
96f0d5d8e6c60bee865bc44e7771cb937829c65391979db6633933a6860221b8

HTTP Headers

GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: evidenceguidance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 19 Nov 2023 07:53:07 GMT
Content-Type: application/json
Content-Length: 404
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7d2980a44a49059d85004c20109f773
Strict-Transport-Security: max-age=0; includeSubdomains

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:xJ0kzUKGcyQCAJd8sw0SvwM_pDBrUg:smH0dZU47i1IFoBH; Expires=Tue, 18-Nov-2025 07:53:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Nov 2023 07:53:06 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyzaiMAT2RU934as3vG3pm9PT_mY3hWUpJ1y0aHFyFdkKJXR4nBHNHBCQprXTBg01-srCVFA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-tuS1QwP2W7htEIXXzHnCpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

send.cm/lib/feather-icons/feather.min.js

104.26.1.171

200 OK

66 kB

URL GET HTTP/3
send.cm/lib/feather-icons/feather.min.js
IP
104.26.1.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/4udp
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
66 kB (65962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lib/feather-icons/feather.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/4udp
Cookie: aff=26154; lang=english; c_7hyj5tegwm4sd1=p4w2grbwdd1u; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWKVgxoznpNR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 19 Nov 2023 07:53:05 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abca-101aa"
expires: Sun, 13 Aug 2023 21:42:42 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1987109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrkblSus9DZaimgxCxKT9EMeVqt3cL5TgIV7XtZXWFZy2Q67C3rYdrPBnlswWLgDfiy%2FPWmccL9Guqz%2FdOT4mJb2fbJc2JGZnNP7L5TTabgM1AR6gOGZ0J8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8286e0a06ee8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations