send.cm/d/GuV2
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/GuV2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 19:34:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 20:34:11 GMT
Location: https://send.cm/d/GuV2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx333UWrEJSJNLOXGyQ%2FTDPie4%2BYEOZwcedAOmIlNeYxjPjCnI60YLbacpQEHONUgxs7WRuLCJ5PFWVz2U2u%2BisxD8h6MXAYKqfSMt35G75WyhCWuuDGHT4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77702d409dddb51d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3527
Expires: Fri, 09 Dec 2022 20:32:58 GMT
Date: Fri, 09 Dec 2022 19:34:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3483
Expires: Fri, 09 Dec 2022 20:32:14 GMT
Date: Fri, 09 Dec 2022 19:34:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 19:33:14 GMT
content-type: application/json
age: 57
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4591
Expires: Fri, 09 Dec 2022 20:50:42 GMT
Date: Fri, 09 Dec 2022 19:34:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CUKfJ6PCf+YuA5Scss+2VrLOOztaVyRAQeZ5GoYfgZBEwFMW6gB/QdhVzKeGqqG20JuioTjntWw=
x-amz-request-id: B2KAVXX2NMC3M4GG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 18:48:27 GMT
age: 2744
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f66097f1ddb0e51a4bd089a767f4d817
ce33d59419c41d3e15680f6cc5b12f63d2eeb8d0
9d189f39734665796414d64f4aeff69d60d9a6026bce1edcb4ed352859d5e47f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6410
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:11 GMT
Last-Modified: Fri, 09 Dec 2022 17:47:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 82 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Hash dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d44ff401c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
send.cm/d/GuV2
200 OK 208 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (52922)
Size 208 kB (207605 bytes)
Hash e5749f6f4754c4be06c57cdaa0cf08d2
73e97fb4674b0043e95e85d64e2040da73eca5e3
b20a0880616efff1362d6c00f4d592afff59e8d99a001b2502e7d17efa951999
GET /d/GuV2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Thu, 08 Dec 2022 19:34:11 GMT
set-cookie: lang=english; domain=.send.cm; path=/
c_7hyj5tegwm4sd1=0hjoyxy9bpxo; domain=.send.cm; path=/
aff=1731; domain=.send.cm; path=/; expires=Fri, 23-Dec-2022 19:34:11 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDBka%2BI1kzBJZPkp0Z65CSeURUg7XI%2Fz3BsPqxufr294pnxTvRxMbQpBflDBzUbkx6EL%2BUckB4pzCrWByf4DPXM8V6HKwV12709ZQxhFKgbYWkl5JxEzqXY%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 77702d423846b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 329 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:11 GMT
server: cloudflare
cf-ray: 77702d44ff2b1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
godpvqnszo.com/aas/r45d/vki/1951167/07cbb3ce.js
200 OK 27 kB URL HTTP/2 godpvqnszo.com/aas/r45d/vki/1951167/07cbb3ce.js
IP
Hash c55edfe61b637a598f6315e7cdcbadd6
e4e08ca8ebb0656474628bed9765d6c8b4b8e4ae
71c8ba7ecf04e9af3b2b1a12e4af57b4d9e6149dacc356a8711b8af5321d440e
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1951167/07cbb3ce.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:11 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 704
Cache-Control: max-age=135867
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:18:39 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
godpvqnszo.com/solid.gif?z=1951167&abvar=0
200 OK 43 B URL HTTP/2 godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 6fc409a6be37f929fee479edc746afcd
9a57f235d248b8a7cf90eca7961704a5dc50d394
7535abf3abc71f2bfa828b3a83dd5919cd724aa271a49b5ea2f0fee8c0068289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4517
Cache-Control: max-age=110186
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "63928779-116"
Expires: Sun, 11 Dec 2022 02:10:38 GMT
Last-Modified: Fri, 09 Dec 2022 00:55:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-3400026-25
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-3400026-25
IP
File type ASCII text, with very long lines (1921)
Hash d17a0d37d8fabfb034f52f1afcfbca47
c3bb8cf7c83e4c2b29580734c6b6286443fc6064
2b563f7514f9fa34759df0129f58520c09a82be3cf51ef24f8c3baf473b5de67
GET /gtag/js?id=UA-3400026-25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 19:34:12 GMT
expires: Fri, 09 Dec 2022 19:34:12 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 6fc409a6be37f929fee479edc746afcd
9a57f235d248b8a7cf90eca7961704a5dc50d394
7535abf3abc71f2bfa828b3a83dd5919cd724aa271a49b5ea2f0fee8c0068289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4517
Cache-Control: max-age=110186
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "63928779-116"
Expires: Sun, 11 Dec 2022 02:10:38 GMT
Last-Modified: Fri, 09 Dec 2022 00:55:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2212091434fed96b7c2f1d401c8764912acb; Path=/; Expires=Sat, 09 Dec 2023 19:34:12 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 7 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 732
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d46e9371c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2212091434db60f761e22e4ea1b948ebc137; Path=/; Expires=Sat, 09 Dec 2023 19:34:12 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2212091434dbf76416037141e183be4667a5; Path=/; Expires=Sat, 09 Dec 2023 19:34:12 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=ArXtTZyv7oomPpvwwbbmyGyKIq4opfDXFi9_meJ_-4jkstkrPJIN15nrxzISBLz8QlYMpmPcgcoANrgHeLNqXzSR4e8qctkhb-DWNGxRyFY78d6fB7EPA_LiwRXbaPDv0UdLc6dT1XP_CqXP5wvgif84MLYFnAZRfvnaPJWwgIUO1M_i5oRFRMiUDL-J21RBZBOepu0cotzObOhNEDE2eA20qiNOoG9jIPiPGs4rkEXhnxuhaqcRrpXw8QF2dvaD1P8HbBbKFXWa0azuwfE_5ft1TR9iGyT8Vl6kh5PP6rW1n5wgIEMtD1a-E3gCAJupPGm2-nW0lys9wWHknI_MbHJBJL667mfNbUvWYiXUl772x2TqjnxhOiblGSx5TzTdmijm1wHimbSg5z30NNqZOB83gldrdb7YyMKVJnawGphJgpUyFqdTt94Sy8MkunyGET9orLIakREfqPtfOTEWt95e0KkUx3tqJxm52l5xOhcka17PhIg=&cb=_cl64w9igce69naf33ho2b8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2212091434eddbecfadada464f92e648e96d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=cfd1434e4c501c69f6ac9d77ef2793bc1670621652&psp=PKDrY86sJSJ691vNofro9c9N1Gy9UqPgxkxjl7jE1AvRZd205x3e1GyX6_4qxQzHA1ISunI9zluP8NzhqsiV_XbamHqQbbtieZJnAGQi9jCbVSvudijxAbRYdGT4qBbvFT8DJzfCOBWiNLB1l9uSVs0E7Z2sn3lrrcsDpwhhTnX4_veDUB-qE3Lg3t5613_4ZFSJ21wQCpsQlSp3VwuDI9k7S9Tj7iqda83ouyfAbQh2BrcZFhqFZ5JuYB0aCPQSadsk9Nq6Jn03pkeSNVmNMmU96-87dkaLj6cU3vDRjfvjO8hEP9R56c6WiOn6qUB6E4WSTytiiFLKkrPqMpBZ8W6kWW00_wBf_RdfQRg59gR-SV5Dq2PSMSnJHo6SBQy4n_ZrviX8R1eSgruH_n9u3coGesmOo45fVSn2bpMfcFmfnDf43YjyaO2m5GV8u__-xHfWoyKP_0y9r-V--qo6Hw0CD8aMuFuoL0Wa_rN-Jf_mngpHsWE=&cb=_clgjkeo90sl47u5u87o6bp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2212091434eddbecfadada464f92e648e96d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YD/9RnEff6pjC+Fmt0Ux2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YxCvtD2msKR/zblKrmnJYNWBSJg=
ocsp.digicert.com/
200 OK 279 B IP
Hash 52eb3959b0a3006edd2dd44c370aa423
6558c51681b845a22a773d6e9b6cdb603b9d6778
e3dcdff5851e77915f4bd935b794ac312523699901021761e883e2ba7e388c90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 329
Cache-Control: max-age=161084
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "63935ea7-117"
Expires: Sun, 11 Dec 2022 16:18:56 GMT
Last-Modified: Fri, 09 Dec 2022 16:13:27 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12861
Expires: Fri, 09 Dec 2022 23:08:33 GMT
Date: Fri, 09 Dec 2022 19:34:12 GMT
Connection: keep-alive
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 503 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 48c4ae798eed020cfe7c01b8ec16f250
635b69ebda830dd360dec78285a3ec86375cac3e
69cd9f803760bf2fd3dcd8915787d38f3e2edaf6a06b680077a252d14d37b775
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d497bfa1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12861
Expires: Fri, 09 Dec 2022 23:08:33 GMT
Date: Fri, 09 Dec 2022 19:34:12 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/PIudMIVwldY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PIudMIVwldY
IP
Hash c1b3f456e3c84e3a2a9fd33d890e16ed
6a71d809023415957c45984ecd3f91fbcb35af56
dd9c0c8d710ab033bdba40995ffcc3aa294d8b110c134a4e7b81fc5ef5dc2dda
POST /s/gts1p5/PIudMIVwldY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 17 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 51f247ddc29c8549f85f62b0fc82b221
cb0da9e228c5d36f787411eba25d55dde8fa195e
f30e5067eb62e0e631b278349da74cc864140ad7ced47271d89b485d945ee3a5
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 566
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4668dc1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
eventhenherthisi.com/Q0pKakkiKCkHdiJ3KEw8MSZ3T3sFb3gsLXB8eBolIjAgACZxcylEKi8lPw4vMSUkHmctLz5PewUCB1ohEBkcDhgJMD0cKAYpIiQnET8LWT0yLw07HwojDwcGFgR7OgE0Ii84CCYDMFoLISMTEAQ0f34OChZ4EjlwNSgwIC0IeHNeKhUDOScBESAMPj4qACAdBgoeJR4EBRN9OiAkJx0tfS0BDRosCTMtDQZycjoOejAYCAcTKigNPw0aCR8NBhUpJCAdMzMLMi57GhIjCyYNBF8sEgQ+Mxg3MwsyLi8DDgEPJQIuXA8REHwzIwUiCFh4Kwl5IwsmCWcrbHEMKQ0ICRN5BiALEiJdKwQfDiYzIDsaLDE3EwtTJQJ5JgMsFBMODxEnfRBbHCsDCR0xGw4IWSw7DwkPDickEBIceih5DW8pOSUEOX4kfxwDGwYgAHs
200 OK 1.2 kB URL HTTP/2 eventhenherthisi.com/Q0pKakkiKCkHdiJ3KEw8MSZ3T3sFb3gsLXB8eBolIjAgACZxcylEKi8lPw4vMSUkHmctLz5PewUCB1ohEBkcDhgJMD0cKAYpIiQnET8LWT0yLw07HwojDwcGFgR7OgE0Ii84CCYDMFoLISMTEAQ0f34OChZ4EjlwNSgwIC0IeHNeKhUDOScBESAMPj4qACAdBgoeJR4EBRN9OiAkJx0tfS0BDRosCTMtDQZycjoOejAYCAcTKigNPw0aCR8NBhUpJCAdMzMLMi57GhIjCyYNBF8sEgQ+Mxg3MwsyLi8DDgEPJQIuXA8REHwzIwUiCFh4Kwl5IwsmCWcrbHEMKQ0ICRN5BiALEiJdKwQfDiYzIDsaLDE3EwtTJQJ5JgMsFBMODxEnfRBbHCsDCR0xGw4IWSw7DwkPDickEBIceih5DW8pOSUEOX4kfxwDGwYgAHs
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash 6428684e1fc0a5ae79d6af55154364de
b20b7cce38df047971db8322e3849d82b01ec252
8742f40d4c95a7eb49f3159986b062ee136f2dc04ab5efa3e7664512633bc10c
GET /Q0pKakkiKCkHdiJ3KEw8MSZ3T3sFb3gsLXB8eBolIjAgACZxcylEKi8lPw4vMSUkHmctLz5PewUCB1ohEBkcDhgJMD0cKAYpIiQnET8LWT0yLw07HwojDwcGFgR7OgE0Ii84CCYDMFoLISMTEAQ0f34OChZ4EjlwNSgwIC0IeHNeKhUDOScBESAMPj4qACAdBgoeJR4EBRN9OiAkJx0tfS0BDRosCTMtDQZycjoOejAYCAcTKigNPw0aCR8NBhUpJCAdMzMLMi57GhIjCyYNBF8sEgQ+Mxg3MwsyLi8DDgEPJQIuXA8REHwzIwUiCFh4Kwl5IwsmCWcrbHEMKQ0ICRN5BiALEiJdKwQfDiYzIDsaLDE3EwtTJQJ5JgMsFBMODxEnfRBbHCsDCR0xGw4IWSw7DwkPDickEBIceih5DW8pOSUEOX4kfxwDGwYgAHs HTTP/1.1
Host: eventhenherthisi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1188
date: Fri, 09 Dec 2022 19:34:12 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PUbxW4Vopwz1kRiGoJoRs8yHkBqfZxuQNrWnpIBVS3Btvdh4m3I8Aw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5c93ef7003df17bf374be306618bf7d
2d7aff3a2810194e95202e4b6b529edc0f1dd0ac
f4b6cde4f74e5e2b0fb8ce3bd70b71d093cd4b259e2daddb44c601a52c0db013
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B6CDE4F74E5E2B0FB8CE3BD70B71D093CD4B259E2DADDB44C601A52C0DB013"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Fri, 09 Dec 2022 20:18:18 GMT
Date: Fri, 09 Dec 2022 19:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5c93ef7003df17bf374be306618bf7d
2d7aff3a2810194e95202e4b6b529edc0f1dd0ac
f4b6cde4f74e5e2b0fb8ce3bd70b71d093cd4b259e2daddb44c601a52c0db013
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B6CDE4F74E5E2B0FB8CE3BD70B71D093CD4B259E2DADDB44C601A52C0DB013"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Fri, 09 Dec 2022 20:18:18 GMT
Date: Fri, 09 Dec 2022 19:34:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash e9d006b90824c97342cc37829f8ffc4b
88e267e94f6d9d44877182a349c9702fe763fb45
ed1b527765c8090e33241a246be3c3a3acb3419ef63599b68c50180b073705e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3585
Cache-Control: max-age=139128
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "6392fc2b-117"
Expires: Sun, 11 Dec 2022 10:13:00 GMT
Last-Modified: Fri, 09 Dec 2022 09:13:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 609
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a2ca71c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 508
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a2ca51c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 508
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a1ca11c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
thefacux.com/tag.min.js
200 OK 23 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash fc4b8cf5c4bf15997c887aaaf24d1ffa
6be0ce49f4840f61713462272352db221fd242de
96e4ca96f57882c52a700177c1e3aa277e8a72032cbae412be9bb7e99925adfa
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: thefacux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 23393
content-encoding: br
x-trace-id: 984d6ec5f17f9a4485cde56e7e1615e5
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 09 Dec 2022 06:45:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156914
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "6393389b-1d7"
Expires: Sun, 11 Dec 2022 15:09:26 GMT
Last-Modified: Fri, 09 Dec 2022 13:31:07 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YCVjkCWAMcylrzf-vwzNuJVpeCsDDay4ddX8AE9zHnKC9PcLtxpcCQ==
Age: 5899
hecherthepar.com/ZG54NUZLURtGez45Ln0JIQIgYB4pJR5ZADMKKXdjVigtY3dBXDpxHlxIDFwiWVdIBn5VXV5FLwBTSRM1EA8MQDVZX15cKAIBRRMwWV9WBnJKXUkbd0IbRQRgEB4ZUntVSAhBMghTSQNxVFhJAXJRX00Mcw
204 No Content 0 B URL HTTP/2 hecherthepar.com/ZG54NUZLURtGez45Ln0JIQIgYB4pJR5ZADMKKXdjVigtY3dBXDpxHlxIDFwiWVdIBn5VXV5FLwBTSRM1EA8MQDVZX15cKAIBRRMwWV9WBnJKXUkbd0IbRQRgEB4ZUntVSAhBMghTSQNxVFhJAXJRX00Mcw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZG54NUZLURtGez45Ln0JIQIgYB4pJR5ZADMKKXdjVigtY3dBXDpxHlxIDFwiWVdIBn5VXV5FLwBTSRM1EA8MQDVZX15cKAIBRRMwWV9WBnJKXUkbd0IbRQRgEB4ZUntVSAhBMghTSQNxVFhJAXJRX00Mcw HTTP/1.1
Host: hecherthepar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 19:34:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwQ%2FYMxUeaLq%2BQ336jSFLs3Wwx6jZRRBqflX%2FpsVPeCg7wJhi%2FeuQhKKQvtViukppZ%2B0hZ7C%2BX5FsDc8lLLErgSGFMxZecYyD9VzMpD5XaFTMZU%2BoWfAbxanWv7URHdu2KNi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77702d4a0a380b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12861
Expires: Fri, 09 Dec 2022 23:08:33 GMT
Date: Fri, 09 Dec 2022 19:34:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 52eb3959b0a3006edd2dd44c370aa423
6558c51681b845a22a773d6e9b6cdb603b9d6778
e3dcdff5851e77915f4bd935b794ac312523699901021761e883e2ba7e388c90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 329
Cache-Control: max-age=161084
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:12 GMT
Etag: "63935ea7-117"
Expires: Sun, 11 Dec 2022 16:18:56 GMT
Last-Modified: Fri, 09 Dec 2022 16:13:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 49dc63cee213e8ddf19a9fa8c4b6781c
88dd105b0d10365948b2e065d89417a6b286b64c
42efee93c67821e660a79db937b9eedbfa16c01fd40780bc82c46c84fc688b07
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
set-cookie: uid_id2=5fe9404b-a74e-44e2-ab91-5cfb31564fa2:2:1; expires=Mon, 06 Dec 2032 19:34:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/PIudMIVwldY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PIudMIVwldY
IP
Hash c1b3f456e3c84e3a2a9fd33d890e16ed
6a71d809023415957c45984ecd3f91fbcb35af56
dd9c0c8d710ab033bdba40995ffcc3aa294d8b110c134a4e7b81fc5ef5dc2dda
POST /s/gts1p5/PIudMIVwldY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdf18b54452b694d19b16e004d26b241
e9307fdc3c93edcc5be01a6df9dd954a1bc6de54
e9366ec985c171d2f4e21d577895ad06fe0bc887b878471cffed2d869d76c3e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9366EC985C171D2F4E21D577895AD06FE0BC887B878471CFFED2D869D76C3E1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4809
Expires: Fri, 09 Dec 2022 20:54:22 GMT
Date: Fri, 09 Dec 2022 19:34:13 GMT
Connection: keep-alive
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 471 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49fc861c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 533
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a0c881c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 20 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type gzip compressed data, max compression\012- data
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 596
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49fc7d1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash fc4bd6c87697c60c67a4d2cbfe23317f
fc376195c21fa51e8d8320d0e55ede8964bc4a0e
d0d2c4350442443f910f62f0954fa10c85064eefbdaada1392d794db11e12e34
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 542
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d497bf81c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash fc4bd6c87697c60c67a4d2cbfe23317f
fc376195c21fa51e8d8320d0e55ede8964bc4a0e
d0d2c4350442443f910f62f0954fa10c85064eefbdaada1392d794db11e12e34
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 589
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc521c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 28 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash f4b1121240f541b3c1ddedb46331ae2a
f020b5d741a5f2f20dd9255dd96896cfdfc59241
183c71277addf274e9777d68d4868d37471b849c946cbffb06acca2426e839a6
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 507
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a1c9f1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash acc685ee6a2d85e940052b46d8871dc9
f37a16a973f3cd1aa83d66a812a5356081536cf9
895c62e70ea45b53c7e18ecb63471c220c70ae620aac2eb2cb33b855600fd3de
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 19:34:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1090402349%3A1670614453132058&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh5MeWJyxi0SOt-GS2tqCTZY5TdeUxQvHMuwYUod-4Hg2Uhc5XLU12TDB1DL1LY1rZGLw5sM
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Gt5uqDDz-9qJtq3aA3j6Kw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:kRnBsRqdD2w6MK93cVWHzjLz4UH6UA:JOxIYDeTHUJ_IkN0;Path=/;Expires=Sun, 08-Dec-2024 19:34:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 393 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 6415537ad6d8592ff800b1238e4eefb7
f02a33ac73a2da98d4040916d2038a191ce74b74
f0bcf387f1cb9f08f1029211cd41aa11b0423801d3c9dcb28741b1a9338eede9
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 508
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a1c9a1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc6c1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6164
Cache-Control: max-age=166878
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:55:31 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pl15995674.highperformancecpmgate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
200 OK 412 B URL HTTP/1.1 pl15995674.highperformancecpmgate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (412), with no line terminators
Hash e0b4c9c101f6d17934ee25492f5fef83
0a2c3c96f34d3dd072b2db6481929182902382d3
6a8d2d6c7b017b967c3097b35e32deea0f8156f466417f6ba055fdaa16f6360f
Analyzer Verdict Alert quad9 Sinkholed
GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: pl15995674.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 19:34:13 GMT
Content-Type: application/json
Content-Length: 412
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a59f2511388ebebec7569360c3fd01f1
Strict-Transport-Security: max-age=0; includeSubdomains
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d497bfc1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash acea7cb44141792f5d84b0c9ab8c57e4
69f1e46739200324bd891063d17c7a7083f313b7
4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2928
Expires: Fri, 09 Dec 2022 20:23:01 GMT
Date: Fri, 09 Dec 2022 19:34:13 GMT
Connection: keep-alive
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 65 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type JSON data\012- , ASCII text
Hash 9627a8890cd8c9d8801f211da86812a5
bc3da71e11dd2acfb2c52c776c6143a7950f247c
d48916e3e01a5d4244c675f23871088fa800ffe72bc09d497eb47ff6c0c69ae3
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 604
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d4e08591c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 1 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 584
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d4ed97e1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 54 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 1e25cc098c61f7fbefeb98ae545d5599
de4c5d916212f3bf005a804cfa5da9a4e7ea29ef
d473254dda2c584e0b1740cdcead9e17c8b83bf905513db1434a5bf03c20a364
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d498c031c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 137 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Size 137 kB (137399 bytes)
Hash 8256a748d206abd2f84dcf3386a52f6a
b88da0e028c98fcb8f8ee6cd613d7ab2bd46abb4
682a6cb3df3b7a7313626bae5fdac1cba8a7dd03497476d96ae9139255dd59cd
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 604
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d4e08601c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f66097f1ddb0e51a4bd089a767f4d817
ce33d59419c41d3e15680f6cc5b12f63d2eeb8d0
9d189f39734665796414d64f4aeff69d60d9a6026bce1edcb4ed352859d5e47f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Last-Modified: Fri, 09 Dec 2022 17:47:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cloudflare.com/cdn-cgi/trace?format=json
200 OK 234 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace?format=json
IP
Hash 8d4ddf647f34fb43e710347c2564cb3d
47518222d115986f9db80457589fd881175fd9ae
09aed8eb30c1182232d36522a938fe2d2dc23357e5f1ebfa72cc611c4d8bf7f7
GET /cdn-cgi/trace?format=json HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 77702d4a4845b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=send.cm
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=send.cm
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=send.cm
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=send.cm
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d362plazjjo29c.cloudfront.net/HM0hSSVdQJzwvaEchNnRuA3tqeGQVIiEmOUN1PHwheRAeIz0BbiYzMw54dCU2XS9vbzJdK294cVIsMHRjFTwiJjwOITotMFY7PigmWG4nKGpeJyggO18pd3sRBmZibGUDYCUgOVcnJTpyAXg8PXIBeGN5eQNtYQtyAXglIDkFfHd6FRZ6YjFhB21hC3IBeC-A/cgAJY3liHXh7bGUDLzcqPFxtYA9lA3lieWYDeXd7Z1UhICwxXDB3exECeGdnZxU9b3g
200 OK 1.3 kB URL HTTP/2 d362plazjjo29c.cloudfront.net/HM0hSSVdQJzwvaEchNnRuA3tqeGQVIiEmOUN1PHwheRAeIz0BbiYzMw54dCU2XS9vbzJdK294cVIsMHRjFTwiJjwOITotMFY7PigmWG4nKGpeJyggO18pd3sRBmZibGUDYCUgOVcnJTpyAXg8PXIBeGN5eQNtYQtyAXglIDkFfHd6FRZ6YjFhB21hC3IBeC-A/cgAJY3liHXh7bGUDLzcqPFxtYA9lA3lieWYDeXd7Z1UhICwxXDB3exECeGdnZxU9b3g
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2313), with no line terminators
Hash 188b7fc976c1cb4c6b7245cdf1c4dfc6
c6579ed0fd6ef27f4663dc84c4beacfc4672d1b8
a85ca3537f8473ca1dcf0a1c76c1cb642bbe692586cfb52fcea600bf38c9cb0f
GET /HM0hSSVdQJzwvaEchNnRuA3tqeGQVIiEmOUN1PHwheRAeIz0BbiYzMw54dCU2XS9vbzJdK294cVIsMHRjFTwiJjwOITotMFY7PigmWG4nKGpeJyggO18pd3sRBmZibGUDYCUgOVcnJTpyAXg8PXIBeGN5eQNtYQtyAXglIDkFfHd6FRZ6YjFhB21hC3IBeC-A/cgAJY3liHXh7bGUDLzcqPFxtYA9lA3lieWYDeXd7Z1UhICwxXDB3exECeGdnZxU9b3g HTTP/1.1
Host: d362plazjjo29c.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eventhenherthisi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 473
date: Fri, 09 Dec 2022 19:34:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tXV7ZVeVkS0FMwNC71weVxw0o_dBZNwXXYYd1yOp6zVrvwPzlNBTEQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18457
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 19:34:13 GMT
Connection: keep-alive
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 503 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 632
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d512b7f1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18457
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 19:34:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18457
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 19:34:13 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash b52208a27c12901a96bacccdfc82d4a5
ed6371e6e48962c53d3dbe969b2ed37f18f0583b
93681b21e8c2f2db40f11d83e0bdac896c641d351af75e77364038145a9fc900
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:34:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 12:52:25 GMT
Expires: Thu, 15 Dec 2022 12:52:24 GMT
Etag: "ed6371e6e48962c53d3dbe969b2ed37f18f0583b"
Cache-Control: max-age=493690,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77702d504e35b4eb-OSL
ocsp.digicert.com/
200 OK 278 B IP
Hash 4fbea77a0d1d179d738cb7851746552e
8808e4b54c414ca5a58c5b859ff335d61b472a8c
414fa4b36451eb121315b4a80993f6632206eb5ea7fe8c65ddf65acfdf18ae15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1861
Cache-Control: max-age=108226
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:14 GMT
Etag: "63928a33-116"
Expires: Sun, 11 Dec 2022 01:38:00 GMT
Last-Modified: Fri, 09 Dec 2022 01:06:59 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 44459
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 5.2 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 467
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4668e01c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 57348
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 25238
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 44415
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 23:37:39 GMT
age: 71795
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
200 OK 9.4 kB URL HTTP/2 offerimage.com/www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b5f73ce42127f4d8c5bfab96f57ecde2
686013156c0356f659f2f36284ecff5356a0e097
554f56616073200065c6c4690f8edfadf16c2e67450e625eaaa4386452afecfd
GET /www/images/b5f73ce42127f4d8c5bfab96f57ecde2.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
content-type: image/jpeg
content-length: 9380
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62807d8b-24a4"
expires: Sat, 10 Dec 2022 10:19:12 GMT
last-modified: Sun, 15 May 2022 04:11:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33302
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77702d51af4bb4ed-OSL
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 892
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Dec 2022 19:34:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://send.cm
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 2.7 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1308
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d512b751c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14745), with no line terminators
Hash b6121fecb04ac1b2796e5fbc1fc62a96
55548a3ba888ea45faa0f114a2e7a61740506beb
35af0e1d41f3fd63247acb589eef5b086e6f66beabd803a763761c8bf74b9569
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cafe
content-length: 11131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 6.4 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type gzip compressed data, max compression\012- data
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 509
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a1c9e1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 417e194de82e38dc7632f8eef3df3cd4
a0ed04f95f853d5301e8cd977533f5fd662aaadc
72f457cb7afc6436078ca64048e0769a45c950631e829f8bbbe3bfac463148bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 590 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 4d632aa0d5815c64863a538d83a08346
e01bb928cbcf7c4693ba2e82521b56b4c99a2d24
07f110be2e30062e2d19d03ee4c745215327cbdd8785bb62af8fdcff18d8d9e0
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc591c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 715e911ea34c6d49f5d35d08f2ca4199
9fe02fbb2b7dcfdc604b9a1822b1d67b629a9aef
55163ff843f31ea564775a23f25c03eb0ddf5f707615ec2aba0a67bbf1c60b88
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 09 Dec 2022 19:34:14 GMT
date: Fri, 09 Dec 2022 19:34:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-xn0b8vQs0RcTIJxRnsMXCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7a9bc6afade8e3c14cad532ebf241156
a203434fb73d81e67a2abd6d8e36bb69f0c938fc
a99e42476af80b4567e29de56a4f7e1edb1dde548f0df8b6ab95433c27460263
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 7a9bc6afade8e3c14cad532ebf241156
a203434fb73d81e67a2abd6d8e36bb69f0c938fc
a99e42476af80b4567e29de56a4f7e1edb1dde548f0df8b6ab95433c27460263
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 601
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d53fe121c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 93e504c13184ba86faba09e4536533a1
3eafc523e986dac137e447616bd258e7dadab1ee
2df96773e22f7e7da4b009bde55c963688f1e97fab7cdd474d190d1b5b6840cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 7a9bc6afade8e3c14cad532ebf241156
a203434fb73d81e67a2abd6d8e36bb69f0c938fc
a99e42476af80b4567e29de56a4f7e1edb1dde548f0df8b6ab95433c27460263
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 609
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d53fe131c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 190bcb4c44fd9e0e93baa80c9b2535b8
97bda56ddc8d6a00d19e1747d63325051f3fd144
b7677f820f06329e357561f570729fe4110af4ac5fb741b97567e20a0f533301
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:08:55 GMT
expires: Tue, 05 Dec 2023 18:08:55 GMT
cache-control: public, max-age=31536000
age: 350719
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 93e504c13184ba86faba09e4536533a1
3eafc523e986dac137e447616bd258e7dadab1ee
2df96773e22f7e7da4b009bde55c963688f1e97fab7cdd474d190d1b5b6840cb
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 605
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d507aec1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 10:51:50 GMT
expires: Wed, 06 Dec 2023 10:51:50 GMT
cache-control: public, max-age=31536000
age: 290544
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 1.9 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 669c8592ef8f63e7404e45dd6ca56b71
3f6753966361bb86594193009c9097612c361064
d174ae2c0722ab8d4bf736f0200dc5b15d288f9500a706bb161b64f5a3b74f01
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 589
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d525ca61c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP
File type ASCII text, with very long lines (65534)
Hash c88b4e73b12307e42222d337bdd646a2
621233bf4e777b2d44b1bc143187111aca2fe718
ef6935537cd5a603b79bc98d4274b70ee5608955792523fc58e818c8ddbb7b48
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:08:55 GMT
expires: Tue, 05 Dec 2023 18:08:55 GMT
cache-control: public, max-age=31536000
age: 350719
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash 2f873064835eed23708bde2a16830216
7559437b82b9b761e02549d8d51f9e3571e5ed2c
0f5d00ac674cc34652997f2e0dd7fb6eb1a5b22010989c35a81cd7a388c84fdd
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:08:55 GMT
expires: Tue, 05 Dec 2023 18:08:55 GMT
cache-control: public, max-age=31536000
age: 350719
etag: "0bacd3f1ce38a7db"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash 7a9bc6afade8e3c14cad532ebf241156
a203434fb73d81e67a2abd6d8e36bb69f0c938fc
a99e42476af80b4567e29de56a4f7e1edb1dde548f0df8b6ab95433c27460263
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 546
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54eeea1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 60 kB URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type PNG image data, 970 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash ae2b00826f144ccb3fa4de69dfb8ee23
8ac9a5c6026c1dcb9b4fc4a8cf57708ac0552b3c
08d09ebb47ee5803adee930bd223867da975bcef07b785394753be114643530c
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 546
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54dee41c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ads.rubiconproject.com/ad/22554.js
200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/22554.js
IP
File type C source, ASCII text, with very long lines (30726), with no line terminators
Hash abb4df63bf35fe81584cd15359171598
a5b443f07e887235f32abbad2ce7dd44eeeb826b
8afd374f4919a723157e940363b07b39bc5131c533424d3976d99d52de29bfdd
GET /ad/22554.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8916
content-type: text/javascript
cache-control: max-age=9325
expires: Fri, 09 Dec 2022 22:09:39 GMT
date: Fri, 09 Dec 2022 19:34:14 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 546
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54fef91c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 694
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d55cf901c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0970e1bd95efa3c70fc3e7dad34e1060
46c2b89926b987d7de96dff162d27831b70218d6
413b43acb64e204876ae367451cf321afbf328228eeb16c03caea9d21aa1e73c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 417
Cache-Control: max-age=106785
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:14 GMT
Etag: "63928a36-1d7"
Expires: Sun, 11 Dec 2022 01:13:59 GMT
Last-Modified: Fri, 09 Dec 2022 01:07:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 508
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d55cf8f1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
smarttag.rubiconproject.com/a/22554/435054/2490514-16.js?&cb=0.5945888592959266&tk_st=1&rf=https%3A//send.cm/d/GuV2&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1
200 OK 147 B URL HTTP/2 smarttag.rubiconproject.com/a/22554/435054/2490514-16.js?&cb=0.5945888592959266&tk_st=1&rf=https%3A//send.cm/d/GuV2&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1
IP
Hash 1bc9cd1cdabf4c93c1d381745329f160
576ac67a760a4edee4d3e46aa85777b0736ff52f
0e3c899ebdaf5b195762425593850487108f4bb5e29fcbc664bf5fab2fcc3a21
GET /a/22554/435054/2490514-16.js?&cb=0.5945888592959266&tk_st=1&rf=https%3A//send.cm/d/GuV2&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Fri, 09 Dec 2022 19:34:14 GMT
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LBGWPN9W-Y-91CH; Domain=.rubiconproject.com; Path=/; Expires=Sat, 09-Dec-2023 19:34:14 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qo+rry6c9+Xh+9DtVM30fCgCRlc5uGLilGZqY2SzLJ0KyuPIgtGy9lhisoFuMQke95E2z9RTX3XvA==; Domain=.rubiconproject.com; Path=/; Expires=Sat, 09-Dec-2023 19:34:14 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 147
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 155 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 488
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d5708e11c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 484
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d5779581c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv67osGIj5d83uFFXi2Bs27epKSGby7BD9fZcUO0RG7FgTPA5AmobmlRGA-oCjg2a1k2x1oMVTN1Zg0E6HaLCxT6f1QJqydg_C5WOqnAEVgcz4JxeIK&sig=Cg0ArKJSzL3VtDev6hmUEAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1670614453484&rpt=470&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv67osGIj5d83uFFXi2Bs27epKSGby7BD9fZcUO0RG7FgTPA5AmobmlRGA-oCjg2a1k2x1oMVTN1Zg0E6HaLCxT6f1QJqydg_C5WOqnAEVgcz4JxeIK&sig=Cg0ArKJSzL3VtDev6hmUEAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1670614453484&rpt=470&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsv67osGIj5d83uFFXi2Bs27epKSGby7BD9fZcUO0RG7FgTPA5AmobmlRGA-oCjg2a1k2x1oMVTN1Zg0E6HaLCxT6f1QJqydg_C5WOqnAEVgcz4JxeIK&sig=Cg0ArKJSzL3VtDev6hmUEAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1670614453484&rpt=470&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 09 Dec 2022 19:34:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 42 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 560
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a6cf31c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oaphoace.net/impression/xQxghPmC9i42ZWlP6Qs6yylNUuNGLfEDj_032bqGiqI4VQV9w88SeMCnwaLTCr8cIsmgP8Vh5Cc5NSJBUHQSBbqZz8ogBK4OJNKP7ZV_LDILWOizZ5gbraUzUghO4VPKzhPBAYnOGfbeSRwXcjqbgxJroIAaE8BIqmxwIF-21Xz8qgHSOnZM-6elN5wemr8YuTHGH7c8Ok2COnX0RWh_dNiszZ7EO-Ghv_2z9VBUP7qE83Tmh_K4HEFFm9TJN2K5ZzpquujpuEdbm3_t9mujFRbJPjdjgFBDQaGDzbV_6BgeoikevCmBuMhX9BZGDC3WHtjo7ZU29_RxbkJZE7_xFSKpTbcjr5WBAOZAR7b8-9INyUVJo-mCm30kVlmP77v__HjP-su96jRwkpfq-sJiYYfJlO4H4-Yytp8aJ4PmJPoXBIT0KulabVKzL88m-SwXJQV-xauyWdSyDyuGV1yNuV7MGZxG-fgRh0_G9KX97j4AbbuLbLEblTmgHeeG7q2gxcuuAHs8TovDHxRLfbKifKDgPpFMhtu-wNzM_MxSHg0mriYVRiCRenHogCyVLHT2UPpYje5yuYGHnIuCQ5OJIA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 oaphoace.net/impression/xQxghPmC9i42ZWlP6Qs6yylNUuNGLfEDj_032bqGiqI4VQV9w88SeMCnwaLTCr8cIsmgP8Vh5Cc5NSJBUHQSBbqZz8ogBK4OJNKP7ZV_LDILWOizZ5gbraUzUghO4VPKzhPBAYnOGfbeSRwXcjqbgxJroIAaE8BIqmxwIF-21Xz8qgHSOnZM-6elN5wemr8YuTHGH7c8Ok2COnX0RWh_dNiszZ7EO-Ghv_2z9VBUP7qE83Tmh_K4HEFFm9TJN2K5ZzpquujpuEdbm3_t9mujFRbJPjdjgFBDQaGDzbV_6BgeoikevCmBuMhX9BZGDC3WHtjo7ZU29_RxbkJZE7_xFSKpTbcjr5WBAOZAR7b8-9INyUVJo-mCm30kVlmP77v__HjP-su96jRwkpfq-sJiYYfJlO4H4-Yytp8aJ4PmJPoXBIT0KulabVKzL88m-SwXJQV-xauyWdSyDyuGV1yNuV7MGZxG-fgRh0_G9KX97j4AbbuLbLEblTmgHeeG7q2gxcuuAHs8TovDHxRLfbKifKDgPpFMhtu-wNzM_MxSHg0mriYVRiCRenHogCyVLHT2UPpYje5yuYGHnIuCQ5OJIA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/xQxghPmC9i42ZWlP6Qs6yylNUuNGLfEDj_032bqGiqI4VQV9w88SeMCnwaLTCr8cIsmgP8Vh5Cc5NSJBUHQSBbqZz8ogBK4OJNKP7ZV_LDILWOizZ5gbraUzUghO4VPKzhPBAYnOGfbeSRwXcjqbgxJroIAaE8BIqmxwIF-21Xz8qgHSOnZM-6elN5wemr8YuTHGH7c8Ok2COnX0RWh_dNiszZ7EO-Ghv_2z9VBUP7qE83Tmh_K4HEFFm9TJN2K5ZzpquujpuEdbm3_t9mujFRbJPjdjgFBDQaGDzbV_6BgeoikevCmBuMhX9BZGDC3WHtjo7ZU29_RxbkJZE7_xFSKpTbcjr5WBAOZAR7b8-9INyUVJo-mCm30kVlmP77v__HjP-su96jRwkpfq-sJiYYfJlO4H4-Yytp8aJ4PmJPoXBIT0KulabVKzL88m-SwXJQV-xauyWdSyDyuGV1yNuV7MGZxG-fgRh0_G9KX97j4AbbuLbLEblTmgHeeG7q2gxcuuAHs8TovDHxRLfbKifKDgPpFMhtu-wNzM_MxSHg0mriYVRiCRenHogCyVLHT2UPpYje5yuYGHnIuCQ5OJIA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Cookie: OAID=59cb4f9d929341e385a2eb3069a6af50
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:18 GMT
content-type: image/gif
content-length: 43
x-trace-id: b8bc2deb2b667e27c44ee912e18a3ae1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 2.1 kB IP
Hash 2c301fdd50be38944f2bbfcd33707e85
2da70d81ababe506ad044bfc3471a8a2364afa8a
ec23cfcefc8d8f2cecbd27e43c91ced54e157e40401697f8514470f762b28070
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 472 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 610
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d540e1a1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://send.cm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 18:53:49 GMT
expires: Thu, 07 Dec 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 175230
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://send.cm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:08 GMT
expires: Thu, 07 Dec 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 172811
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:34:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1327
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d512b791c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 566
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d45f8721c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 609
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc6a1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 546
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54eef01c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 595
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49fc7b1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: c5V0LSly8UVjXKlNWR4S8L6Eonm1cmURM/BWcp685pQ8WiCpzDt6agr//XprLxomFWG4Y0t1lRTknI7on3IZrA==
date: Fri, 09 Dec 2022 19:34:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 550
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d46b9151c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1253
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:20 GMT
server: cloudflare
cf-ray: 77702d7abca41c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 555
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a0c911c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
thefacux.com/5/4277204/?oo=1&aab=1
200 OK 0 B URL HTTP/2 thefacux.com/5/4277204/?oo=1&aab=1
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4277204/?oo=1&aab=1 HTTP/1.1
Host: thefacux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: application/json
x-trace-id: 52dc2511bb000427d4954cc76df19de9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=59cb4f9d929341e385a2eb3069a6af50; expires=Sat, 09 Dec 2023 19:34:12 GMT; path=/; secure; SameSite=None
oaidts=1670614452; expires=Sat, 09 Dec 2023 19:34:12 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:11 GMT
server: cloudflare
cf-ray: 77702d44ff301c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 453
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4668de1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 546
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54eeeb1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc681c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 993
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:15 GMT
server: cloudflare
cf-ray: 77702d5def9a1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1236
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d47ba2b1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 582
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d488abb1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 484
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4668e11c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1236
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4769e01c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1807
last-modified: Fri, 09 Dec 2022 19:04:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXzaAxgCe4LJxaVf3liZj2RtWiQ9WWalWlIpOMRYJCN23HVv82Mww8UcvJwLEXu3BCJ7%2FYAkOGe62pU1qi%2BN2AACBOhKCyTduBRJnxuJ1Bf28prb23koRGEnb32mZcJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77702d4a1ba8e618-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 522
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d4ed9781c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 450
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4608781c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 732
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d46d9311c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
thefacux.com/?rb=r2R-tHi1ko-FgevEHhxQ6V5Nd8n1CXcUfoVu8lT297nlCXg7-UARWOe8GIdzB-UDNJp4z91JBLRap9zalgbZE3Hwt8l3fwVgNOg_AbnAP5DjXEmg2zSaaHy3iFzwPrc602XvqLfrLFJnQcD0Yex4NWfn4H2YZJcNBGt5oshxjBKMxE9VckOBzgITvpNjIBzoPGvl5RQ7nAhr7IXjLPsQYtZx2wdh-EkkKvHzVQ%3D%3D&request_ab2=96002&zoneid=4277204&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=1dbd2d3a-97bf-48a1-aa8b-53dc1f2450d7&userId=59cb4f9d929341e385a2eb3069a6af50&m=link
200 OK 0 B URL HTTP/2 thefacux.com/?rb=r2R-tHi1ko-FgevEHhxQ6V5Nd8n1CXcUfoVu8lT297nlCXg7-UARWOe8GIdzB-UDNJp4z91JBLRap9zalgbZE3Hwt8l3fwVgNOg_AbnAP5DjXEmg2zSaaHy3iFzwPrc602XvqLfrLFJnQcD0Yex4NWfn4H2YZJcNBGt5oshxjBKMxE9VckOBzgITvpNjIBzoPGvl5RQ7nAhr7IXjLPsQYtZx2wdh-EkkKvHzVQ%3D%3D&request_ab2=96002&zoneid=4277204&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=1dbd2d3a-97bf-48a1-aa8b-53dc1f2450d7&userId=59cb4f9d929341e385a2eb3069a6af50&m=link
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=r2R-tHi1ko-FgevEHhxQ6V5Nd8n1CXcUfoVu8lT297nlCXg7-UARWOe8GIdzB-UDNJp4z91JBLRap9zalgbZE3Hwt8l3fwVgNOg_AbnAP5DjXEmg2zSaaHy3iFzwPrc602XvqLfrLFJnQcD0Yex4NWfn4H2YZJcNBGt5oshxjBKMxE9VckOBzgITvpNjIBzoPGvl5RQ7nAhr7IXjLPsQYtZx2wdh-EkkKvHzVQ%3D%3D&request_ab2=96002&zoneid=4277204&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fd%2FGuV2&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=1dbd2d3a-97bf-48a1-aa8b-53dc1f2450d7&userId=59cb4f9d929341e385a2eb3069a6af50&m=link HTTP/1.1
Host: thefacux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Cookie: OAID=59cb4f9d929341e385a2eb3069a6af50; oaidts=1670614452
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:13 GMT
content-type: application/json
x-trace-id: 3a88a8b520460fab3f7b7b8f136c319d
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=59cb4f9d929341e385a2eb3069a6af50; expires=Sat, 09 Dec 2023 19:34:13 GMT; path=/; secure; SameSite=None
oaidts=1670614453; expires=Sat, 09 Dec 2023 19:34:13 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 16 Dec 2022 19:34:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 444
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:11 GMT
server: cloudflare
cf-ray: 77702d44cf011c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d498c041c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d44ff3c1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 584
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d495bce1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 485
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d45f8741c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d44ff351c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 557
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc551c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
IP
GET /InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 45669326
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndIYy3CO5V6BoG%2B5jBos8lV63ZXvCxRcwQYxMKWG4TuftO7OKVdJZ9KF1MT6fOwaAmwP5UyIYKv0WQ%2B7qXG2X%2BBSPF21xl45uXXeJiIyanfI9uZmPyeVZi87nhjscYvX9YNsL6YvSLah%2BsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77702d4d9ba8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 593
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d4ed97c1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 606
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d540e1c1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 505
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:11 GMT
server: cloudflare
cf-ray: 77702d44ff2d1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 460
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4608801c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 566
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc6e1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1}
200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1}
IP
GET /InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1} HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 46054137
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8EVH7Z%2BYOnbEWdJ8q3pHzkvagXP8FVi%2B3nk4k7T62hu9kpeb4YNV5%2FSrqgwBtJ9eVpWqDZiNT103BWUhibH6djfaj60ljA04EZfPR6iCVRWvANtg36vbbQUpkU2kVGs%2Bwiv66GZjC%2FVBW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77702d68b881b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default
200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default
IP
GET /InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 45669323 46442123
age: 4
x-cache: HIT
x-cache-hits: 7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb5Dc1xfIu0s1ivlqsXxvrG7U%2FxKrcc%2B%2FQmp3GoEdckkSPCMTMIVXuRJIqfbLQD69evjSY6VSq9bXxxl%2B19FGyvWcifk%2B7RS%2FrzkCWbd3YAu6WR1r5bmR6m38rwSIH%2Bl1LO%2F%2FYDWQZphA10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77702d49eed6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 486
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4678e61c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc541c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc571c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 443
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4668df1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 658
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:13 GMT
server: cloudflare
cf-ray: 77702d501c570b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 472
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49fc871c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3pnshv2teszhlrotzb9p&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894559992791621
200 OK 0 B URL HTTP/2 godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3pnshv2teszhlrotzb9p&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894559992791621
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1951167?zoneid=1951167&jp=_cl3pnshv2teszhlrotzb9p&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894559992791621 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212091434f1b17cb8aa0144bd943dc85d4f; Path=/; Expires=Sat, 09 Dec 2023 19:34:12 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 552
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d49dc6b1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 550
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d4a0c8e1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 582
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:14 GMT
server: cloudflare
cf-ray: 77702d54fefb1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
increaserev.com/ads/ob/tagf/send.js
200 OK 0 B URL HTTP/2 increaserev.com/ads/ob/tagf/send.js
IP
GET /ads/ob/tagf/send.js HTTP/1.1
Host: increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:43:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZHCgx5UPXT3Fy8LoyXRZOE%2FA%2FRfTIqGDmWhyQHSMge90upy8Rpabo%2Fjm7EgNkUqRGiGNXwSg8rNSFaJWfiLxo33sueXDja8bRU3lWGVOfr0OPGCKsUkezaxa4gNnhFM0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77702d46bdcbb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
200 OK 0 B URL HTTP/2 csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q
IP
POST /cdn-cgi/script_monitor/report?m=.Z8LkXFopzxPE0w1CaASwI6oLnIF7Eg0k6esj5cRXXs-1670614451-0-Ab-0BE_r4stAQKKes76MhM1oQso4iNKUQoP0BZWVvzwUZ9K7DW61nR1AxXFpuRLB-0nmPSziKnI8OU_ANnIdt9Q HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:34:12 GMT
server: cloudflare
cf-ray: 77702d497bf61c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
104.26.3.171
31.13.72.36
104.18.32.68
62.122.171.6
139.45.197.238
52.28.211.11
23.36.77.32