send.cm/cl28s52uvf04
104.26.2.171301 Moved Permanently 0 B IP 104.26.2.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cl28s52uvf04 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 05:23:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Nov 2022 06:23:17 GMT
Location: https://send.cm/cl28s52uvf04
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLRiooXXD7e7Qho6RRtlCqew9pPWdMPY4meDtax7FkFb7H4Fra%2BoNKvgFA%2FzmJ%2BRJbOyEc9kL8L8cc35xErJ09OuD4SCOPYzjasnfOcqiQLGB2gYM3Kr1U8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cec0b43baf0b55-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15595
Expires: Sun, 20 Nov 2022 09:43:12 GMT
Date: Sun, 20 Nov 2022 05:23:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5869
Cache-Control: max-age=110744
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 12:09:02 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3324
Expires: Sun, 20 Nov 2022 06:18:42 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 04:45:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2284
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YFBFdeHA+yVoZs9nxDubGhBm3irfpXfMpfxFZ5uU9ayzIBr5VCNch0HFGQCkc7unYbcP2FTzEIezPCYLfMxGug==
x-amz-request-id: HP5R2GC0YV2BJWFG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 04:41:34 GMT
age: 2504
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8c6df4e2cf0ee06410d22a5b09ce8e0c
e5159748cc0d077a0e3e65cb90505187e70fe30c
a4edabae8cd5efa7a17de173a9e7050ed59b43edce555d5406fb9d3a56c81113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5743
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Last-Modified: Sun, 20 Nov 2022 03:47:35 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 04:44:50 GMT
cache-control: public,max-age=3600
age: 2308
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8c6df4e2cf0ee06410d22a5b09ce8e0c
e5159748cc0d077a0e3e65cb90505187e70fe30c
a4edabae8cd5efa7a17de173a9e7050ed59b43edce555d5406fb9d3a56c81113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5743
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Last-Modified: Sun, 20 Nov 2022 03:47:35 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 541
Cache-Control: max-age=100355
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 09:15:53 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 27cc14af57168508a1c5014ec169823d
d6c4a70bc67feb98fe4630aa9b9446fcee7a79c2
9ad4dd4d714d50db816d54c5a8750d804305a89f6041eddee771f6bee865ae12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3690
Cache-Control: max-age=160408
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Etag: "63797af4-118"
Expires: Tue, 22 Nov 2022 01:56:46 GMT
Last-Modified: Sun, 20 Nov 2022 00:55:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-3400026-25
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-3400026-25
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e63ed8dddbf132f6c5c8456228464636
ce41cab45380238f5bfb84167c5419e9dc3e71fe
085490b7425bac584d744bf3c7bdb6c1006929cbe95dc90c46499486dd69173e
GET /gtag/js?id=UA-3400026-25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 05:23:18 GMT
expires: Sun, 20 Nov 2022 05:23:18 GMT
cache-control: private, max-age=900
last-modified: Sun, 20 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XXnBTMRkp_8
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XXnBTMRkp_8
IP 142.250.74.35:0
Hash af66a419451375aa5ed007982ec8452d
ac079008ae0f2e65a61d54722c85948e8c07d27c
83060c182bb931c9a3a50c43647aa658a848aa6ee349345fa56b0488dbd1fca1
POST /s/gts1p5/XXnBTMRkp_8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 418a5c90f0ad2ea616165fcdaf68e304
73ca37c7697adddf9dcd526775edc681d95eada3
cb2bf460751a3ea532638fc65c44879d7f5d68fbcb44a267386cbaaccd67bce9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB2BF460751A3EA532638FC65C44879D7F5D68FBCB44A267386CBAACCD67BCE9"
Last-Modified: Fri, 18 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Sun, 20 Nov 2022 07:11:29 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 12ca2e720a82396fcf40ba1dc736b34e
779ef0de12877a3c5b76fe7b5122a791529e3dc7
b3d96c8278046da99182729cf142d320edcc61b4fd38aac8f5a6e874c49443f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3125
Cache-Control: max-age=128491
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Etag: "6379007c-117"
Expires: Mon, 21 Nov 2022 17:04:49 GMT
Last-Modified: Sat, 19 Nov 2022 16:12:44 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 16 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c381a61c4ffc38cbec86fe0f7917ff0e
54635eef7b4e4e790aff14268acba03af9154c42
04ff5ed00ea5b4c6dc945ada7dac3f96080773ba74e6dad07308eeaa56452b2a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF9F622C6D4E27F5D2C7E5A18DB5743CA2EE93AA57862767925B85A6B2E51863"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Sun, 20 Nov 2022 06:36:20 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9feb1280b2d260b910473104d410874f
52ca80e7cffda3569fcad9edf69d2a32c5de508e
df9f622c6d4e27f5d2c7e5a18db5743ca2ee93aa57862767925b85a6b2e51863
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF9F622C6D4E27F5D2C7E5A18DB5743CA2EE93AA57862767925B85A6B2E51863"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Sun, 20 Nov 2022 06:36:20 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbd51d9480ce6d7ab34861ff4042fd8
6f4a3075da8db0c6e549b33ac52c602805af6f1f
561daba4988a51003df30edc542c7e2fa1817c9d5547d2bc53cc9b4b3b048cfb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "561DABA4988A51003DF30EDC542C7E2FA1817C9D5547D2BC53CC9B4B3B048CFB"
Last-Modified: Thu, 17 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=51
Expires: Sun, 20 Nov 2022 05:24:09 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
d24yj1kykxwq2x.cloudfront.net/Vnhnd1Y3GgQaaTdFBVEjJBRaUmQQXVUxMmcCDQVvNRtVDS5hGwBZNToXEhMwJBcJA3g4HRNSZBBLBjEMERsiPhoZKwAgMAQPQkUQHxNWQAERLkJFFAcgITgGEi0BOxQ+CiIjG2E/HzIsHA8XFhkhLQEzBQdBAyEPZD0NPWEHPzYyGC8fPxFmYgIsNRhzSiEgDhcWITQUACEKNhMbHwROMy4LCDM/AwoiHRMSMiQTARgPCwUdLkBTNgI5CSIgMjc9LzkzNRNWHDI6H1Y2AjERLw0DNBtUJRcaOh8NMhM6HSAePkoxLxMnG1QlFxgpIkM1EyoJIC4EEjYZHwchL1ocABs0BywyPSYAHjg2VjoOGCE+RT4XGVdGPTIQBBkVLEgXIQ4XDT0/DBQbCx84MhMhGQE7IQAwAhc2KjQ9HyJWGAcySCVEBDsiADUObyJBHSU5FhdKARUBFDAjATBVGhU5NyscZQ
54.230.111.99200 OK 1.2 kB URL HTTP/2 d24yj1kykxwq2x.cloudfront.net/Vnhnd1Y3GgQaaTdFBVEjJBRaUmQQXVUxMmcCDQVvNRtVDS5hGwBZNToXEhMwJBcJA3g4HRNSZBBLBjEMERsiPhoZKwAgMAQPQkUQHxNWQAERLkJFFAcgITgGEi0BOxQ+CiIjG2E/HzIsHA8XFhkhLQEzBQdBAyEPZD0NPWEHPzYyGC8fPxFmYgIsNRhzSiEgDhcWITQUACEKNhMbHwROMy4LCDM/AwoiHRMSMiQTARgPCwUdLkBTNgI5CSIgMjc9LzkzNRNWHDI6H1Y2AjERLw0DNBtUJRcaOh8NMhM6HSAePkoxLxMnG1QlFxgpIkM1EyoJIC4EEjYZHwchL1ocABs0BywyPSYAHjg2VjoOGCE+RT4XGVdGPTIQBBkVLEgXIQ4XDT0/DBQbCx84MhMhGQE7IQAwAhc2KjQ9HyJWGAcySCVEBDsiADUObyJBHSU5FhdKARUBFDAjATBVGhU5NyscZQ
IP 54.230.111.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash ba4b616258608bd87c1eec88b11ba3d3
759873b2e8e81fcd535190d04c0fae936e7b8ca3
69238d185c6621c05fc9ed9585ac6b6b71bcc615329d23c2aa1aeeaf668b1bd4
GET /Vnhnd1Y3GgQaaTdFBVEjJBRaUmQQXVUxMmcCDQVvNRtVDS5hGwBZNToXEhMwJBcJA3g4HRNSZBBLBjEMERsiPhoZKwAgMAQPQkUQHxNWQAERLkJFFAcgITgGEi0BOxQ+CiIjG2E/HzIsHA8XFhkhLQEzBQdBAyEPZD0NPWEHPzYyGC8fPxFmYgIsNRhzSiEgDhcWITQUACEKNhMbHwROMy4LCDM/AwoiHRMSMiQTARgPCwUdLkBTNgI5CSIgMjc9LzkzNRNWHDI6H1Y2AjERLw0DNBtUJRcaOh8NMhM6HSAePkoxLxMnG1QlFxgpIkM1EyoJIC4EEjYZHwchL1ocABs0BywyPSYAHjg2VjoOGCE+RT4XGVdGPTIQBBkVLEgXIQ4XDT0/DBQbCx84MhMhGQE7IQAwAhc2KjQ9HyJWGAcySCVEBDsiADUObyJBHSU5FhdKARUBFDAjATBVGhU5NyscZQ HTTP/1.1
Host: d24yj1kykxwq2x.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1202
date: Sun, 20 Nov 2022 05:23:18 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q4sMk1vfTu-Jfa_o1X7omR2E6eoNc1IzXmjEUSgHoue5uUgTcBoEWw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbd51d9480ce6d7ab34861ff4042fd8
6f4a3075da8db0c6e549b33ac52c602805af6f1f
561daba4988a51003df30edc542c7e2fa1817c9d5547d2bc53cc9b4b3b048cfb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "561DABA4988A51003DF30EDC542C7E2FA1817C9D5547D2BC53CC9B4B3B048CFB"
Last-Modified: Thu, 17 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=51
Expires: Sun, 20 Nov 2022 05:24:09 GMT
Date: Sun, 20 Nov 2022 05:23:18 GMT
Connection: keep-alive
d24yj1kykxwq2x.cloudfront.net/utx?cb=GKjx5yKQga3T&top=send.cm&tid=903813
54.230.111.99204 No Content 0 B URL HTTP/2 d24yj1kykxwq2x.cloudfront.net/utx?cb=GKjx5yKQga3T&top=send.cm&tid=903813
IP 54.230.111.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=GKjx5yKQga3T&top=send.cm&tid=903813 HTTP/1.1
Host: d24yj1kykxwq2x.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 05:23:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 20 Nov 2022 05:24:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lqjyiiEVg17kIPRANHvLpRIh1imS6i9tjaWaUBzf-ZNtFEdpdfJcVg==
X-Firefox-Spdy: h2
particinepartm.com/d1N1NHRYbBZHSTkLBUYQITwyYDIPFRdTEDQLRX4HNgZMUiYgOFNAHRNuTARHT2JGEgQeN0gFUgQnFEABBG5EEh0ZNRoJUgFuRBpHQ31GBFpBdQAJRVEnBVUTSmJTRAADP0gFQkFrTAZFQGpNDEdE
104.21.20.40204 No Content 23 kB URL HTTP/2 particinepartm.com/d1N1NHRYbBZHSTkLBUYQITwyYDIPFRdTEDQLRX4HNgZMUiYgOFNAHRNuTARHT2JGEgQeN0gFUgQnFEABBG5EEh0ZNRoJUgFuRBpHQ31GBFpBdQAJRVEnBVUTSmJTRAADP0gFQkFrTAZFQGpNDEdE
IP 104.21.20.40:0
Hash ea7c8cba7488a6313066aad127dab2ea
35ca69d9376ba48b02b41d0de1fb3a0e712d4e50
93a0ce831aefb72f367462ab3de06f6ba7b6d8f5723543ec8e91d80f5382c4ec
GET /d1N1NHRYbBZHSTkLBUYQITwyYDIPFRdTEDQLRX4HNgZMUiYgOFNAHRNuTARHT2JGEgQeN0gFUgQnFEABBG5EEh0ZNRoJUgFuRBpHQ31GBFpBdQAJRVEnBVUTSmJTRAADP0gFQkFrTAZFQGpNDEdE HTTP/1.1
Host: particinepartm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 05:23:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLdl%2Bg5XypY18HFn2VaESHBRsx63tGJRkkW%2FxnF85pcq034zN9eDVXnAYXMACQrxpnerLSJ3jRlU6b9a53jiW9KXAI1xG5satCTlYjKFYfdB8zbYgkdtQ1gaVdCFB2sYm0J%2BWXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0bae857b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EZQyv2XW6mfSRwgUMuguBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tuuNna9Ymv5by8l2fA7bMyFcVWI=
waufooke.com/tag.min.js
139.45.197.238200 OK 23 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7584eaab9dbc93a394095eab33d35815
63ae612824aa6193c0f8f41d1f04f5338231018e
a972db07d70ed4ff7690cd4019b428f085107be4737d0204728647c298014d96
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: text/javascript; charset=utf-8
content-length: 23258
content-encoding: br
x-trace-id: df4959edde2a8e9b064127ce9948e817
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 12:17:27 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 12ca2e720a82396fcf40ba1dc736b34e
779ef0de12877a3c5b76fe7b5122a791529e3dc7
b3d96c8278046da99182729cf142d320edcc61b4fd38aac8f5a6e874c49443f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3126
Cache-Control: max-age=128491
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "6379007c-117"
Expires: Mon, 21 Nov 2022 17:04:50 GMT
Last-Modified: Sat, 19 Nov 2022 16:12:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 0f162707471b694d9472aaa730586029
8e772c5ff60be51dbae5fb8e630f1f832f5138a6
8dbe631994a2b21d73969d226fc7cc6a17961a9fd4cc0c2656bd858761441ddc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117744
Date: Sun, 20 Nov 2022 05:23:18 GMT
Etag: "6378da9a-1d7"
Expires: Mon, 21 Nov 2022 14:05:42 GMT
Last-Modified: Sat, 19 Nov 2022 13:31:06 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0xltr6WZS8YryQb7HLumlfpjLo-Sagdi6acmEEvsUdqxuo28MDebvQ==
Age: 2076
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9feb1280b2d260b910473104d410874f
52ca80e7cffda3569fcad9edf69d2a32c5de508e
df9f622c6d4e27f5d2c7e5a18db5743ca2ee93aa57862767925b85a6b2e51863
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF9F622C6D4E27F5D2C7E5A18DB5743CA2EE93AA57862767925B85A6B2E51863"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4381
Expires: Sun, 20 Nov 2022 06:36:20 GMT
Date: Sun, 20 Nov 2022 05:23:19 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 2aed58f362dca3d7a97c1ded32602ee2
32039d254d75016adc56f72e1646de86226b9f01
ff5e6407ba12412b8321614a373e394cc21a31cd8a41602cc77b324a136ab26e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
set-cookie: uid_id2=616da7c4-a92d-49fa-8be4-ec2c793d170c:3:1; expires=Wed, 17 Nov 2032 05:23:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 27cc14af57168508a1c5014ec169823d
d6c4a70bc67feb98fe4630aa9b9446fcee7a79c2
9ad4dd4d714d50db816d54c5a8750d804305a89f6041eddee771f6bee865ae12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3691
Cache-Control: max-age=160408
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "63797af4-118"
Expires: Tue, 22 Nov 2022 01:56:47 GMT
Last-Modified: Sun, 20 Nov 2022 00:55:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1p5/XXnBTMRkp_8
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XXnBTMRkp_8
IP 142.250.74.35:0
Hash af66a419451375aa5ed007982ec8452d
ac079008ae0f2e65a61d54722c85948e8c07d27c
83060c182bb931c9a3a50c43647aa658a848aa6ee349345fa56b0488dbd1fca1
POST /s/gts1p5/XXnBTMRkp_8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6445
Cache-Control: max-age=110194
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "6378ac0c-1d7"
Expires: Mon, 21 Nov 2022 11:59:53 GMT
Last-Modified: Sat, 19 Nov 2022 10:12:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 65b6382722e890c64ed9b9771b16b16f
864eff411d3e0cb6fff8c13b6b8ba973be69b7d1
a92698c9ca01797748e2b1722ea068d8a0497594b765373bc385164d501144a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/
172.64.107.19200 OK 499 B IP 172.64.107.19:0
File type ASCII text, with no line terminators
Hash cd9933c1f764dda08d8726bdc8cac1ab
2cba97917a126e965652d8b62b8c740eb5771486
50a792accb62dfb6bae1efa1758fd3df65d9628fd9cd0d803c27ae1a35e11977
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: text/plain
set-cookie: csu=577926496282436@1@1668921799; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCfN%2BkLsNcBgqQwUSukdc0NxTAojcyyM2mlZdrPpiOj%2FHPyeSIuy7j%2BQBVT6YY9auNbx5oKeoXy9vVRZZj8qSGamq%2Bcvd55NIVDPF%2FL1z79qAJ9EhgqnjKgbciWy3ah8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0bb6b1d0091-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash e882797b6842585c55e23ff2a4e4dd85
726373b195cfc04af1073dda1d4522b4741e5ba9
1b2b237c78a0aed56c206fbe2edb904c2fc6842316846f84a22008405c5fbd6c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Nov 2022 05:23:19 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2113653624%3A1668921799278232&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAuoJtCz0s92xS8HvKJfkfjsR7sDDCV4JPXwbPKf7eeeHE758BO8N_uWZe6togSmNjo13eToNQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-D9zwC0XZhJ7Wo-eh6RD0JA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:vvzGlGHHqxAB2-GoIMkzkCaUWGu6OQ:_8LpMyZGb2CzOr1h;Path=/;Expires=Tue, 19-Nov-2024 05:23:19 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8e39b5cdf05d5afcb9ede3c074e43421
1c31286e2bb9cc7e7650f4ec25f48d70dc42d2e0
f53c408ad09a340b7d9b0f432fd0faddcb06157d45be382345beb079c7061aab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5081
Cache-Control: max-age=102019
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "63789171-118"
Expires: Mon, 21 Nov 2022 09:43:38 GMT
Last-Modified: Sat, 19 Nov 2022 08:18:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 11 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 343fee52b31627640f4456e1f7766972
977af365be36dc33c4d5b3ce7dc2c6882177b362
c72de4f0b3efe8853894c4004cc4cd123cd0ae2a1ba49e5dee17c43750635758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DF78E62A92A3201958FD8CBB01A84361C27168C160B3A74770127C3966A4678"
Last-Modified: Fri, 18 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11278
Expires: Sun, 20 Nov 2022 08:31:17 GMT
Date: Sun, 20 Nov 2022 05:23:19 GMT
Connection: keep-alive
increaserev.com/ads/ob/tagf/send.js
172.67.74.114200 OK 24 kB URL HTTP/2 increaserev.com/ads/ob/tagf/send.js
IP 172.67.74.114:0
File type ASCII text, with very long lines (4245), with CRLF line terminators
Hash 6ad42bc26c8d8f4e5932d9c1f1cd4d2a
03ca8a76439cb93f30f7a19e3fbf6dfc36f901aa
559cfab26369b012612895467c7e744304da5f2ce267c4b6fdc02350947704cb
GET /ads/ob/tagf/send.js HTTP/1.1
Host: increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:43:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO2%2BWhhHrtP9RzG7M2ngxOc4XrK0k%2Fp12Vgj025%2FE6wVn1pMAJbCiuJVrxfZGufYN1uC7MIEMlkBYgaBfP72W%2FATY9j%2Bz5iAwNAu%2BSR2XQqRqOka1OWk20q6la7oRmXRJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0ba5d26b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b650cac24745d68aefab750ee1995c3f
2512541d0dc2acc3edfcde6e8f4b14084927b256
7c179ca2d59cbe5ee724423adfd9e2860c39c8e1c67ca1ac254ce93d89eb092d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3449
Cache-Control: max-age=103655
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "63789e35-118"
Expires: Mon, 21 Nov 2022 10:10:54 GMT
Last-Modified: Sat, 19 Nov 2022 09:13:25 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8e39b5cdf05d5afcb9ede3c074e43421
1c31286e2bb9cc7e7650f4ec25f48d70dc42d2e0
f53c408ad09a340b7d9b0f432fd0faddcb06157d45be382345beb079c7061aab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5081
Cache-Control: max-age=102019
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "63789171-118"
Expires: Mon, 21 Nov 2022 09:43:38 GMT
Last-Modified: Sat, 19 Nov 2022 08:18:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 419e11329b40f6d11706372a1618331f
f6846a20afbbe22c8ad5be20cc711014bc314a27
91f7516f31fec4ded19345ceda5e923324666f5d20c75c47bc36d95a31c43cf3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:23:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 18:25:19 GMT
Expires: Thu, 24 Nov 2022 18:25:18 GMT
Etag: "f6846a20afbbe22c8ad5be20cc711014bc314a27"
Cache-Control: max-age=391918,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cec0be0fc9b4ff-OSL
my.rtmark.net/gid.js?userId=b752e9a4d4e94ddca6abfd463fac0d7c
139.45.195.8200 OK 71 B URL HTTP/2 my.rtmark.net/gid.js?userId=b752e9a4d4e94ddca6abfd463fac0d7c
IP 139.45.195.8:0
Hash 312c5d7953112f898a7ee4e7753f059d
ed473632f57cb830b2d3a5a97e3f64c0b5906f4a
abdbd296cb063940dffcf8445cf22896fe446abd96b26a01f3d115005b62ae8f
GET /gid.js?userId=b752e9a4d4e94ddca6abfd463fac0d7c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://send.cm
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b752e9a4d4e94ddca6abfd463fac0d7c; expires=Mon, 20 Nov 2023 05:23:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pl15995674.highperformancecpmgate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
173.233.137.36200 OK 419 B URL HTTP/1.1 pl15995674.highperformancecpmgate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash a35cdc9f15f424ac1e7dc1dd362f932b
47e6aa99c5cd4618621cb2faa87bca413749ee44
d4dca44b4c21ee71c3f790c9d36cfbb843f898deeadc3bda00ff54e43fa2f3aa
Analyzer Verdict Alert quad9 Sinkholed
GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: pl15995674.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:23:19 GMT
Content-Type: application/json
Content-Length: 419
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf1cb17844f52fcb0d60e9044db59a9a
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 539342595b9286f3bbbe36590aba604c
ecb56df48b861b441763404e9a4e7de5d1a12c15
49fe520866e0b136d16dfa619a8a41a5faf4bcbca533dde8510966dfa0cf2e96
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:23:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 13:33:19 GMT
Expires: Fri, 25 Nov 2022 13:33:18 GMT
Etag: "ecb56df48b861b441763404e9a4e7de5d1a12c15"
Cache-Control: max-age=460798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76cec0beb815b4ff-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1199
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 20 Nov 2022 05:23:19 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://send.cm
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 28 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30500)
Hash 40804a4152e6a5526722df84c4820e30
ca4608b7b04f1e32db2a19fe9b7d2e0011484aa8
b026fb26b2438a7ee65e7813c045b6472b72fe1988ea687f4ccd4f9e6e84e0fe
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WuJZBfWL96nU+dFVAnXREGZiTzDse6JBIxR+tPHxE279WpOLbymvwUHvBD6runwcxNLtTObOZlfA/WSM9MUa7w==
date: Sun, 20 Nov 2022 05:23:19 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
glizauvo.net/500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 glizauvo.net/500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:19 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://send.cm
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6f55af84273367bff49a0350599a73b0
274390069d417d3bc0c1a66a744e865896d5ca09
32449bfa425d75f881565211e29bb02d04c6ab575636d0c209ff04becad71b2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5289
Cache-Control: max-age=162702
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Etag: "63797dac-117"
Expires: Tue, 22 Nov 2022 02:35:01 GMT
Last-Modified: Sun, 20 Nov 2022 01:06:52 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
waufooke.com/?rb=1NcLzz1FCZmLaSnOQu-tlRNg4BZsMrtXQCsAHXudVhoh0wCPGHuCmuspCHpmBiojCeKCFJnapRzoVkkXNo7sFdyL3ZYvCj4Y4PFvRbMf4_6hIAXTTgF7C7fv_o_ivkVstC0RwohabPXhP1fwWoJCB-hxi0VXzE3zNrYnXOfNr60TUdz8-q2a3GhM2lBoqrGsqJmWh-QRJD4xT36zFa46oTV4Emb3N0FN&request_ab2=0&zoneid=4277204&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=5956f328-18f5-48c6-b4e6-d245b5cb1013&userId=b752e9a4d4e94ddca6abfd463fac0d7c&m=link
139.45.197.238200 OK 14 kB URL HTTP/2 waufooke.com/?rb=1NcLzz1FCZmLaSnOQu-tlRNg4BZsMrtXQCsAHXudVhoh0wCPGHuCmuspCHpmBiojCeKCFJnapRzoVkkXNo7sFdyL3ZYvCj4Y4PFvRbMf4_6hIAXTTgF7C7fv_o_ivkVstC0RwohabPXhP1fwWoJCB-hxi0VXzE3zNrYnXOfNr60TUdz8-q2a3GhM2lBoqrGsqJmWh-QRJD4xT36zFa46oTV4Emb3N0FN&request_ab2=0&zoneid=4277204&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=5956f328-18f5-48c6-b4e6-d245b5cb1013&userId=b752e9a4d4e94ddca6abfd463fac0d7c&m=link
IP 139.45.197.238:0
Hash aa5ab2b7f3a0eb7b5e7e8183a4cc6635
b39341f033adf28aca6c632f72deb76b313731bb
3e55030359dd45bbab23eb8419100bf1d1283981b51419862d07c7292d2eb559
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=1NcLzz1FCZmLaSnOQu-tlRNg4BZsMrtXQCsAHXudVhoh0wCPGHuCmuspCHpmBiojCeKCFJnapRzoVkkXNo7sFdyL3ZYvCj4Y4PFvRbMf4_6hIAXTTgF7C7fv_o_ivkVstC0RwohabPXhP1fwWoJCB-hxi0VXzE3zNrYnXOfNr60TUdz8-q2a3GhM2lBoqrGsqJmWh-QRJD4xT36zFa46oTV4Emb3N0FN&request_ab2=0&zoneid=4277204&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=5956f328-18f5-48c6-b4e6-d245b5cb1013&userId=b752e9a4d4e94ddca6abfd463fac0d7c&m=link HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Cookie: OAID=b752e9a4d4e94ddca6abfd463fac0d7c; oaidts=1668921798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/json
x-trace-id: 547afd602393193abb51ccc1083ecda1
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b752e9a4d4e94ddca6abfd463fac0d7c; expires=Mon, 20 Nov 2023 05:23:19 GMT; path=/; secure; SameSite=None
oaidts=1668921799; expires=Mon, 20 Nov 2023 05:23:19 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 27 Nov 2022 05:23:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 20 Nov 2022 04:41:09 GMT
expires: Sun, 20 Nov 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 2530
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (40310)
Hash c33528918caf443c4e63cdd06a65a919
b43feffb0e131fed2f9203277dbcb25ac0402c81
ed9b82268014ffe2c0b2ce882b1aa261afebc6c312876327d0e0a802b61bbfd8
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27247
date: Sun, 20 Nov 2022 05:23:19 GMT
expires: Sun, 20 Nov 2022 05:23:19 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1397 / 314 of 1000 / last-modified: 1668812924"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secureads.increaserev.com/InvalidAds/getcookietime.php?domain=send.cm
104.26.1.126200 OK 1.0 kB URL HTTP/2 secureads.increaserev.com/InvalidAds/getcookietime.php?domain=send.cm
IP 104.26.1.126:0
File type JSON data\012- , ASCII text, with very long lines (366), with no line terminators
Hash 8af9043884ae309c1b1bfa17601976aa
cc5308137d11f44107856c9bda8c139ea2e76635
e204e84bb8f2845d521c764bf8dca17d192436a22ca0ae2cedb70489fa4d6caf
GET /InvalidAds/getcookietime.php?domain=send.cm HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 350298406 343484972
age: 1
x-cache: HIT
x-cache-hits: 4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzT%2BYNs3dwrrcw4%2FieER4sWC2nPcUv2BhSb6WDBo356N2MwLEBJTkY7tYyFLkhggbBy75h98vDaAJk%2FmgI9PYOqPYQVp%2FsABfLw4RqLSCkUODx4kBtIry2tSTMYVUlYgpxI5NPzlVv4LE54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0bdfb041bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2371
Expires: Sun, 20 Nov 2022 06:02:51 GMT
Date: Sun, 20 Nov 2022 05:23:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2371
Expires: Sun, 20 Nov 2022 06:02:51 GMT
Date: Sun, 20 Nov 2022 05:23:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2371
Expires: Sun, 20 Nov 2022 06:02:51 GMT
Date: Sun, 20 Nov 2022 05:23:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 623ee888c7c89b3b1fbc7454032403e9
6c237808a186c2ac0d7084fb386b0862d188dabb
a7e8212bb8c2c738a61f1f7ecf730ee09e751334f3cdb5ed447913b69561f5b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: c80806cc-6125-4e82-971e-1c93d7bb5ce9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3izgHavoAMFicA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b49-51a4c2ba1d646c1c7633d99a;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bsukMDSn70wVNA0iIBkOUGae0uTFHvOowG90XsuEqTUVoYg8IReLzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:54:26 GMT
age: 26934
etag: "6c237808a186c2ac0d7084fb386b0862d188dabb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:36:28 GMT
age: 28012
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79ccaf63b8e37223509518f540b26f54
fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71
950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 06932e2b-59fa-4e05-aad3-65d7e2045e13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i5fHJEoAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b6f-0062640e7868cf664bcf26d2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eFgEWflu3zqDd4J838DeZiPxNafliBVrce95D_29-oviwINWR2bkw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
age: 27709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3c8c476db4c44614c4ba79f584acf65
35318fa392a72f49f293bfd582960d195065403a
61af67d251bb0523cbf938ed497f540a7529d8130b1950bde9ce2bf8cef3dcfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6953
x-amzn-requestid: b224cf31-9132-4af2-b4ad-0fde224e7222
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEXoIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-3b19e98831138506588e2229;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ef6C4hpAZo72BfD46AxHqw-Pd4ywBJxE9FkQRGu31ymPd0zRuz4PA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
age: 27709
etag: "35318fa392a72f49f293bfd582960d195065403a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dcdeb5df10dd86dbc155dbefc4fd72b
b0a20213cdedc7fa472dbdad4e1152152009433e
ba98ae058e591f010056de61cdc58e09b5a2742be08421e0ba57ac2a0de36422
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11915
x-amzn-requestid: 93e2bad9-148f-4b10-9c07-8ab77bcaafcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jW6F0BoAMFU3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c2c-19e415980648396973718d73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O0vFQbc7MZW0FFNbD5rHHhF6RHpC4ITkNGQV12MhOKHqB7mqrrFqKw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:47:22 GMT
age: 27358
etag: "b0a20213cdedc7fa472dbdad4e1152152009433e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 27709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=send.cm
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=send.cm
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 20 Nov 2022 05:23:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=send.cm
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=send.cm
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 20 Nov 2022 05:23:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14642), with no line terminators
Hash 49f941d308e183a6a148a95300994ef6
4185e1a5798a463bdab9c5577b1cf817e8762bd0
21df31b3ccd9a84df89f5a739f127230bfe663b4d61088b5d8c83d5c535c6ec1
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 20 Nov 2022 05:23:20 GMT
server: cafe
content-length: 11052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6a0653ada25b688b983eae035e23c5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.65200 OK 2.7 kB URL HTTP/2 6a0653ada25b688b983eae035e23c5cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 6a0653ada25b688b983eae035e23c5cd.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 20 Nov 2022 05:23:20 GMT
expires: Mon, 20 Nov 2023 05:23:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0942172c82c4c1b215b79d300d5aaa8e
6b00ecfacf81621b792a2bc7d2d5632d381d011a
aece9d2a25bfc53614c9f08e69e1e67919334fbbe5465188eaa228a9679944ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.65200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 20 Nov 2022 05:23:20 GMT
expires: Sun, 20 Nov 2022 05:23:20 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ecf20bb738504255b997d0f8d32f84da
4083bb312c0263ccdbccdd6e157060d3f85996c7
65a66ce857bb2fd22d467c16a4f405faf4a50700a8fd1a4b8c5b903df10c4aaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 02cdbc0d0a014ced21655e91df26d05c
74d1b1a42bfabf713469ba7f1adddf344ead4e88
1fed1dbe55cc19ed4edf824e3dda3cd42634ff5219658ea55c318897d00b2222
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 20 Nov 2022 05:23:20 GMT
date: Sun, 20 Nov 2022 05:23:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-wL0_XzSzJGYt5ETLacmKMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.rubiconproject.com/ad/22554.js
2.21.206.244200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/22554.js
IP 2.21.206.244:0
File type C source, ASCII text, with very long lines (30726), with no line terminators
Hash abb4df63bf35fe81584cd15359171598
a5b443f07e887235f32abbad2ce7dd44eeeb826b
8afd374f4919a723157e940363b07b39bc5131c533424d3976d99d52de29bfdd
GET /ad/22554.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8916
content-type: text/javascript
cache-control: max-age=13688
expires: Sun, 20 Nov 2022 09:11:28 GMT
date: Sun, 20 Nov 2022 05:23:20 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
216.58.211.2200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 216.58.211.2:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Sun, 20 Nov 2022 05:23:20 GMT
expires: Sun, 20 Nov 2022 05:23:20 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash feccbd2ef60f05c7e36ec8465b44f65c
226420c672d48e98f4a4c0832db2b31d9163df09
0cd6ff678ff7efbab09293c1ff1c12c72743a27b70df0a20b708de952ea04737
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4162
Cache-Control: max-age=161576
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:20 GMT
Etag: "63797daf-1d7"
Expires: Tue, 22 Nov 2022 02:16:16 GMT
Last-Modified: Sun, 20 Nov 2022 01:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
smarttag.rubiconproject.com/a/22554/435054/2490514-16.js?&cb=0.25970236964603544&tk_st=1&rf=https%3A//send.cm/cl28s52uvf04&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1
213.19.162.41200 OK 147 B URL HTTP/2 smarttag.rubiconproject.com/a/22554/435054/2490514-16.js?&cb=0.25970236964603544&tk_st=1&rf=https%3A//send.cm/cl28s52uvf04&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1
IP 213.19.162.41:0
Hash 1bc9cd1cdabf4c93c1d381745329f160
576ac67a760a4edee4d3e46aa85777b0736ff52f
0e3c899ebdaf5b195762425593850487108f4bb5e29fcbc664bf5fab2fcc3a21
GET /a/22554/435054/2490514-16.js?&cb=0.25970236964603544&tk_st=1&rf=https%3A//send.cm/cl28s52uvf04&rp_s=c&p_pos=atf&p_screen_res=1280x1024&ad_slot=435054_16&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 20 Nov 2022 05:23:21 GMT
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LAOWY77D-14-21UD; Domain=.rubiconproject.com; Path=/; Expires=Mon, 20-Nov-2023 05:23:20 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrhFuvJPyvpsO9DtVM30fCgnj+jX/vsGdbrG4TxTyvzaSuPIgtGy9lhisoFuMQke95E2z9RTX3XvA==; Domain=.rubiconproject.com; Path=/; Expires=Mon, 20-Nov-2023 05:23:20 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 147
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/static/psa/blank/1x1.png
2.21.206.244200 OK 155 B URL HTTP/2 secure-assets.rubiconproject.com/static/psa/blank/1x1.png
IP 2.21.206.244:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /static/psa/blank/1x1.png HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
accept-ranges: bytes
content-type: image/png
content-encoding: gzip
unused62: 8096267
content-length: 155
date: Sun, 20 Nov 2022 05:23:21 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuW_jDU_3ILCjCw7pnBKFZe0ueqdfCUsgdX4fuIcuGLLFboGkIcqd9huuxPmOGRUwp2bGyb4lxVeujlQS8WnhZsCHrdGb0rYGpQYHz9mMxzHvXSspqN&sig=Cg0ArKJSzOprFfGinmd4EAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1668921800808&rpt=346&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
142.250.74.130200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuW_jDU_3ILCjCw7pnBKFZe0ueqdfCUsgdX4fuIcuGLLFboGkIcqd9huuxPmOGRUwp2bGyb4lxVeujlQS8WnhZsCHrdGb0rYGpQYHz9mMxzHvXSspqN&sig=Cg0ArKJSzOprFfGinmd4EAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1668921800808&rpt=346&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuW_jDU_3ILCjCw7pnBKFZe0ueqdfCUsgdX4fuIcuGLLFboGkIcqd9huuxPmOGRUwp2bGyb4lxVeujlQS8WnhZsCHrdGb0rYGpQYHz9mMxzHvXSspqN&sig=Cg0ArKJSzOprFfGinmd4EAE&id=lidar2&mcvt=1001&p=152,472,432,808&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1280,939&mc=1&vu=1&app=0&itpl=19&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1668921800808&rpt=346&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sun, 20 Nov 2022 05:23:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
glizauvo.net/impression/KAhxOPqglHgHsWOm6DP9RNuM6I-n12tUIHLQHmBbYAcIiHMCYT7by_APRelJUwplWRF43_wKxn_eeUvz7boT9Tm3yZEKJPiVOawfbHVZQ53gEwzTWPYMiuumhasBPkokubGR61ml9lmtys2PwyLrCHVWSLjmhh_l--qxlJUJr0OnyI8YfiBSyNpZrsdIQx-NWC1CCnsq43zzwfTVNkd_9hnRoJVBGs8eqV5h2wLBgAHQGKhhd3GyHkTA5gcthN1TTAUH84f-ySixnuq0HMk3zBAE2xqa2fJ6bxBneUV7KqmFU0c2IzERSqaNniUcs_OJ7YnCR00zroBVGBZx7GCJIOaHRhJ6xizsnV7ahCy-PG2wUuoUA09LMljRET3p2AdIAiYKCLNtHfpf91HFskS0IpqovIVACX2_p-UU-syRLN_B4jnoTBtLEvr9IUvddf314XCYVu2YRXURGaM0kg7UptH50wHLbLR50FyxUAxHpGbdUU9xPB0z_WsT65wjRsQJitHXOoVku8U06jZh23CdYL21s-obHS6RwpR9mE8q_n5MeqiK4lZIThYdbaKXcIytpTQzr88_yCGIb0DaWXdVKA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 43 B URL HTTP/2 glizauvo.net/impression/KAhxOPqglHgHsWOm6DP9RNuM6I-n12tUIHLQHmBbYAcIiHMCYT7by_APRelJUwplWRF43_wKxn_eeUvz7boT9Tm3yZEKJPiVOawfbHVZQ53gEwzTWPYMiuumhasBPkokubGR61ml9lmtys2PwyLrCHVWSLjmhh_l--qxlJUJr0OnyI8YfiBSyNpZrsdIQx-NWC1CCnsq43zzwfTVNkd_9hnRoJVBGs8eqV5h2wLBgAHQGKhhd3GyHkTA5gcthN1TTAUH84f-ySixnuq0HMk3zBAE2xqa2fJ6bxBneUV7KqmFU0c2IzERSqaNniUcs_OJ7YnCR00zroBVGBZx7GCJIOaHRhJ6xizsnV7ahCy-PG2wUuoUA09LMljRET3p2AdIAiYKCLNtHfpf91HFskS0IpqovIVACX2_p-UU-syRLN_B4jnoTBtLEvr9IUvddf314XCYVu2YRXURGaM0kg7UptH50wHLbLR50FyxUAxHpGbdUU9xPB0z_WsT65wjRsQJitHXOoVku8U06jZh23CdYL21s-obHS6RwpR9mE8q_n5MeqiK4lZIThYdbaKXcIytpTQzr88_yCGIb0DaWXdVKA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/KAhxOPqglHgHsWOm6DP9RNuM6I-n12tUIHLQHmBbYAcIiHMCYT7by_APRelJUwplWRF43_wKxn_eeUvz7boT9Tm3yZEKJPiVOawfbHVZQ53gEwzTWPYMiuumhasBPkokubGR61ml9lmtys2PwyLrCHVWSLjmhh_l--qxlJUJr0OnyI8YfiBSyNpZrsdIQx-NWC1CCnsq43zzwfTVNkd_9hnRoJVBGs8eqV5h2wLBgAHQGKhhd3GyHkTA5gcthN1TTAUH84f-ySixnuq0HMk3zBAE2xqa2fJ6bxBneUV7KqmFU0c2IzERSqaNniUcs_OJ7YnCR00zroBVGBZx7GCJIOaHRhJ6xizsnV7ahCy-PG2wUuoUA09LMljRET3p2AdIAiYKCLNtHfpf91HFskS0IpqovIVACX2_p-UU-syRLN_B4jnoTBtLEvr9IUvddf314XCYVu2YRXURGaM0kg7UptH50wHLbLR50FyxUAxHpGbdUU9xPB0z_WsT65wjRsQJitHXOoVku8U06jZh23CdYL21s-obHS6RwpR9mE8q_n5MeqiK4lZIThYdbaKXcIytpTQzr88_yCGIb0DaWXdVKA==?_z=4856335&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Cookie: OAID=b752e9a4d4e94ddca6abfd463fac0d7c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:24 GMT
content-type: image/gif
content-length: 43
x-trace-id: 56a1a46f9590265e2b34986e4769bdcc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.10:0
Hash 0ec06507afa05332351620aee31a89d3
8b10356c1a1cea62746a8ebf6a96cf954e77ac19
ac0713ec3fe2955d1eaa7e717059f4339d16110916c4c05f7ab502eaf68f48cd
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 05:23:24 GMT
date: Sun, 20 Nov 2022 05:23:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://send.cm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 296975
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://send.cm
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 294556
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:23:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5338
last-modified: Sun, 20 Nov 2022 03:54:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZU3shjbWrAliy3HiGUvCkIJcghQIDa1kKRFD9OIdr8aCy0%2BGUizzYH9rgU2sRJgqOfwP7%2F4tUT2upy2kdp70Cirwel33%2BeY9lHTEiMGogGi1oAz0%2FwNRGwK8W5ZuOz7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cec0bb6b1c0091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxNlGGb4xiWewLXqsG%2FwXho0bcqm1vz9a1WwZwnZ4pb253txot8DUSkFTcF1YowkPJx7djta8GXuxBhtuLmPDPH99AcMweD%2BhrCO%2B9Ms1b6%2BVaHQAGm2v%2B4%2BzmGi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cec0bdbedb1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
send.cm/cl28s52uvf04
104.26.3.171200 OK 0 B IP 104.26.3.171:0
GET /cl28s52uvf04 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Sat, 19 Nov 2022 05:23:18 GMT
set-cookie: lang=english; domain=.send.cm; path=/
c_7hyj5tegwm4sd1=cl28s52uvf04; domain=.send.cm; path=/
aff=83576; domain=.send.cm; path=/; expires=Sun, 04-Dec-2022 05:23:18 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5hStvhmw1ZSIrFTC%2FEviQDW45ZhOI%2BZ8pzmGyT5Wf4Qg%2BUqPSacdV%2BGLB7noBtKPQXK5MlFk9yi1Hyilg3k7%2Bdmb0p%2B%2B0Bjft4i%2FpkwEEVYXHLHZe1Hr54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0b63a8bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.hostip.info/get_json.php
104.21.7.251200 OK 0 B URL HTTP/2 api.hostip.info/get_json.php
IP 104.21.7.251:0
GET /get_json.php HTTP/1.1
Host: api.hostip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/json; charset=iso-8859-1
expires: Mon, 21 Nov 2022 05:23:18 GMT
last-modified: Sun, 20 Nov 2022 05:23:18 GMT
cache-control: public, max-age=86400
pragma: !invalid
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FjFupCZxH4w%2FhD9Eev4OvYvZnAcSEWXOKKrbc%2BsJ6SSopmbqXtZi8alS%2FxrrTYzY%2BVFid04G%2FH9T2A6sDdrXafn89EryNZ5vVy%2Fy6QvfC9hZ30IbFOzX8vPAE8LEQMPXBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0baffebb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waufooke.com/5/4277204/?oo=1&aab=1
139.45.197.238200 OK 0 B URL HTTP/2 waufooke.com/5/4277204/?oo=1&aab=1
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4277204/?oo=1&aab=1 HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: application/json
x-trace-id: b342b8a0f873a45dbf3f8681e70cd4fb
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b752e9a4d4e94ddca6abfd463fac0d7c; expires=Mon, 20 Nov 2023 05:23:18 GMT; path=/; secure; SameSite=None
oaidts=1668921798; expires=Mon, 20 Nov 2023 05:23:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
glizauvo.net/500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 glizauvo.net/500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4856335?excludes=&oaid=b752e9a4d4e94ddca6abfd463fac0d7c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fsend.cm%2Fcl28s52uvf04&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Cookie: OAID=0bc6d4adca3442cfb5a3d7f12d092a02
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: application/javascript
x-trace-id: 2218fbef5975dbfb736ef590be83e509
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://send.cm
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b752e9a4d4e94ddca6abfd463fac0d7c; expires=Mon, 20 Nov 2023 05:23:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1}
104.26.1.126200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1}
IP 104.26.1.126:0
GET /InvalidAds/addRequest.php?ip=91.90.42.154&domain=send.cm&os=Windows%2010&adstype={%22_336x280%22:1} HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 345416154
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0kPmk8Zqk%2Fp%2F45iLVxA6v5HjNM8V4ZnxuHkUDjyDESqP1vtOQvCNYvporq2sAcncOHElJoAQF0nPlEzcIyd7dHOv7yTMxu8fP7IlXgRv9nI5RrXhvSX%2FhPlcBIcqXLzJ%2B2QDOtfYT54rTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0dd1c511bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
104.26.1.126200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
IP 104.26.1.126:0
GET /InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:23:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 329496267
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwDaniXjRuRTeMBgwjLVKWJbepGmPmtGGmoQHCY6Lw70ew8CI%2BAAUSnx6wieKCdRf%2FwaB0CwZx4KgynrBGIg0VQ3bpgyikBxr7a3JLjfsJyN3%2Bo%2Bjrog3MIQd%2Bb6kOzd66rV7k3TmOOrKEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cec0be3b181bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glizauvo.net/401/4856335
139.45.197.236200 OK 0 B IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/4856335 HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:23:18 GMT
content-type: application/javascript
x-trace-id: 997e1db4447c5a85848caa8338514488
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=0bc6d4adca3442cfb5a3d7f12d092a02; expires=Mon, 20 Nov 2023 05:23:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2