Report - send.cm/d/LHUG

Report Overview

Submitted URL
send.cm/d/LHUG
IP
172.67.70.55
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-27 12:09:34
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d2dkurdav21mkk.cloudfront.net	unknown	2008-04-25	2023-04-15	2023-05-25	411 B	54 kB	54.230.245.115
onetag-sys.com	1840	2015-04-05	2015-04-08	2023-05-27	467 B	492 B	51.89.9.253
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-27	471 B	2.7 kB	104.16.89.20
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-27	1.3 kB	159 kB	142.250.74.72
pogothere.xyz	unknown	2022-08-22	2022-09-04	2023-05-27	818 B	104 kB	104.21.0.182
dismantlepenantiterrorist.com	17847	2021-11-01	2021-11-01	2023-05-26	1.5 kB	0 B	0.0.0.0
simplewebanalysis.com	unknown	2022-02-15	2022-02-25	2023-05-26	418 B	416 B	52.28.214.225
api.hostip.info	206644	2003-10-09	2012-06-20	2023-05-24	419 B	904 B	172.67.129.45
etheappyrincea.info	unknown	2023-04-02	2023-05-05	2023-05-27	2.8 kB	5.1 kB	52.85.242.80
s.seedtag.com	4563	2013-09-04	2018-07-02	2023-05-26	459 B	1.2 kB	34.149.50.64
d1ugiptma3cglb.cloudfront.net	unknown	2008-04-25	2023-05-24	2023-05-26	671 B	873 B	54.230.245.7
addresseepaper.com	18169	2021-11-01	2021-11-01	2023-05-26	790 B	0 B	0.0.0.0
increaserev.com	83829	2016-10-13	2016-10-14	2023-05-26	411 B	548 kB	104.26.0.126
ib.adnxs.com	241	2008-05-27	2012-05-20	2023-05-27	468 B	661 B	185.89.210.212
cat2.hbwrapper.com	unknown	2020-01-30	2023-01-11	2023-05-25	456 B	250 B	68.183.18.251
id.hadron.ad.gt	unknown	unknown	2022-06-07	2023-05-27	471 B	481 B	104.22.5.69
godpvqnszo.com	unknown	2022-09-06	2022-09-19	2023-05-26	3.3 kB	214 kB	62.122.171.6
gforanythingamgl.info	unknown	2023-04-02	2023-05-05	2023-05-27	1.6 kB	1.8 kB	104.21.93.237
prebid.a-mo.net	1148	2017-09-08	2020-07-14	2023-05-27	1.0 kB	512 B	147.75.84.158
pl15995674.highrevenuegate.com	unknown	2023-03-02	2023-04-06	2023-05-24	466 B	514 B	192.243.59.13
send.cm	338619	2019-03-18	2019-08-16	2023-05-26	19 kB	1.1 MB	172.67.70.55
limurol.com	unknown	2022-07-12	2022-07-12	2023-05-26	9.3 kB	5.3 kB	62.122.171.6
accounts.google.com	81	1997-09-15	2016-03-20	2023-05-27	7.3 kB	22 kB	216.58.207.237
c3.a-mo.net	unknown	2017-09-08	2023-03-31	2023-05-27	498 B	395 B	104.19.158.19
id.a-mx.com	7152	2021-07-01	2021-07-16	2023-05-27	1.1 kB	1.6 kB	104.21.41.253
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-05-27	449 B	736 B	139.45.195.8
cloudflare.com	342	2009-02-17	2012-05-22	2023-05-26	445 B	587 B	104.16.133.229
barnes.send.cm	unknown	2019-03-18	2023-05-19	2023-05-25	1.3 kB	67 kB	172.67.70.55
chalaips.com	unknown	2023-03-21	2023-03-21	2023-05-26	1.8 kB	31 kB	139.45.197.242
p.gcprivacy.com	127313	2021-01-18	2021-05-02	2023-05-26	401 B	345 B	54.230.111.59

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-27	medium	addresseepaper.com
2023-05-27	medium	dismantlepenantiterrorist.com
2023-05-27	medium	addresseepaper.com
2023-05-27	medium	dismantlepenantiterrorist.com

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js	85 kB	2023-05-14	2023-06-05
Pretty URL godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 09:51:37 Last Seen2023-06-05 03:17:44 Times Seen41 Hash 0812a8bf5c1c1e239ff337a622c7a89b 50eebe8ff4820f3553c38ef1f63dcf94bb8e9bfb 8f3aea3e305a912052f8c54fce21ca754f095ded9d35a9c1684b846376dc5e65 Loading...

	unknown	361 B	2023-05-27	2023-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen1 Hash 80830b0b868446c0df0aafc0466d23fc 7ed8fda350df08b65427fbbbf09ee02edeeee8ab 8ca0ea5f37530aa24afc491b79baefa7b20b5b325cfc1738793525f245aa1e28 Loading...

	send.cm/d/LHUG	647 B	2023-05-24	2023-06-05
Pretty URL send.cm/d/LHUG IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 05:58:21 Last Seen2023-06-05 03:17:43 Times Seen13 Hash fc4219e6fe4078862aba87e564036b77 f73469b9597f8ea4d5c29ccc9cf5451ce381e83e 92b28a2c6e19cd5819d47afe71aa816898a7ba6a5d1525b8b103271aee38e7ad Loading...

	godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3y3ervbn4bj3x92x2rox&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=110440569560815	3.7 kB	2023-05-27	2023-05-27
Pretty URL godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3y3ervbn4bj3x92x2rox&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=110440569560815 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen1 Hash 3e83a7b35fd444868e80a958d425731b 9f9880dd6930fb1aac87bac1fde084288d3caacd cfdfce064f98aa5ee14c4b53294f81aeb8d44d589e650636d5bfe23c48dcee9e Loading...

	unknown	277 kB	2023-05-27	2023-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen1 Hash 16fd06abb564b53c42ab28bf5ca1f010 7e8f89fd99d201614ef92cc07838b27381cc18e6 146237f015206b1be67c3ce7042c0222b16bfec9245592160763a7de986c5e02 Loading...

	unknown	361 B	2023-05-27	2023-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 21:25:32 Times Seen2 Hash ca797e21c29647d053ec5ed7bbdac186 566fdae6e4fcafc7417d7bdeed4b637f9bad531b 3e7994717399e32783312c8d024a146f68e7255711220c03fae6ead80a611cd8 Loading...

	send.cm/d/LHUG	7.8 kB	2023-03-14	2023-07-23
Pretty URL send.cm/d/LHUG IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 09:20:00 Last Seen2023-07-23 06:38:18 Times Seen62 Hash 66cb87387e84d63348b5d90f02df7478 79d00c83d1acdb25ac811a6f6ecf380ae29982bf 68ea1dfbc95659eab2b8d4d10341eaea5e7d5d300c43ef410ef27fb84ee41ec3 Loading...

	limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl0m5gc4k53p6ozmm9wdi5&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=8836164847534176	3.7 kB	2023-05-27	2023-05-27
Pretty URL godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl0m5gc4k53p6ozmm9wdi5&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=8836164847534176 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen1 Hash 6e1d3bd7f59b1b3b3c38ec501ed76b0f 8d04e3e539617d2f15433bf48db77f7fe15f8510 53d168a148549abda2eaeaa06c55de1da41c666dd34df0c353198336360fd878 Loading...

	increaserev.com/ads/ob/tage/aaw.sendcm.js	547 kB	2023-05-24	2023-05-31
Pretty URL increaserev.com/ads/ob/tage/aaw.sendcm.js IP 104.26.0.126 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 23:11:53 Last Seen2023-05-31 03:48:36 Times Seen10 Hash 859f61380c9aba8320be99e8b3382f28 a8924f80e908ec7fc47ad4907061156da1af5741 52cdf9ce958b0d728d79e7c2fedc99b78ecab9f520d1fcafe544214fe3dc6994 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KXJCD57	205 kB	2023-05-27	2023-05-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KXJCD57 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen2 Hash 7b26a5914f008d079406e0c44718e8f0 722c4918895f5752873ae0618707a65c906286bf 3e24c661ccff842ede593c7ed0854dab0e5a279feee742daef7e926f9ffef330 Loading...

	unknown	70 kB	2023-05-24	2023-06-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 05:58:21 Last Seen2023-06-10 11:06:06 Times Seen13 Hash c77b7e485e69dca88846eb0c31880b34 8747bee6f3c969d31c3458ce37be43d8c815563d e84d83a127b19337fe86ce5aa25454fcc536d46c8881dbfc0a93740f1098e07c Loading...

	unknown	446 B	2023-05-27	2023-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 21:25:32 Times Seen2 Hash 03192d74a286fdfce3645e1025b57527 de2172a63887abf00067656b598a496d761e8b10 30294df44f560cb938327f57440de38ac057b45aa480024b21ca368e257accb3 Loading...

	unknown	1.2 kB	2023-05-27	2023-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 21:25:32 Times Seen2 Hash a622a2118601c2dd281d30a17d946983 62680d9feab14419f21967edb934a7f0465aef2e eb7789e4a8ab38e3f73512c5a30e24dc4c926712da6be8f8ba6cfb584562a70c Loading...

	send.cm/d/LHUG	59 kB	2023-05-27	2023-05-27
Pretty URL send.cm/d/LHUG IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 21:25:32 Times Seen2 Hash d0c09393b714974810adb9d94017af38 99c00678f92d6feabca5c41ff85b56a58e0617fd 4a6a631a5b344058808ed5cb6080897d3b683c1186fc123400aa89c2e5e355db Loading...

	unknown	798 B	2023-04-14	2023-09-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-14 00:25:31 Last Seen2023-09-30 21:26:28 Times Seen53 Hash 07c459a26e30a6149a6d37256ca88407 6fe02a51449a7f70344b90a0d0f6ba3fbf1dd09f 021eaf1609e8363a4e5536c9ccac2889be2d562c1442cb9527eaae69017bce3b Loading...

	send.cm/js/share.js	329 B	2023-03-07	2024-05-04
Pretty URL send.cm/js/share.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:51 Last Seen2024-05-04 04:37:12 Times Seen526 Hash e38522ef9b2fe6940894f9f35a29f407 d5227e21fbae55e23bd87bf084a4049e797d0775 59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208 Loading...

	www.googletagmanager.com/gtag/js?id=UA-3400026-25	120 kB	2023-05-27	2023-05-27
Pretty URL www.googletagmanager.com/gtag/js?id=UA-3400026-25 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen2 Hash facc7e5770e0ef387a71d1b7172411dd 2c663e30d1eb4b330e959dbb222c37d193b37b20 7facd3b189610da3974d21020221994856642751e23c398e2b20f56edb8862ce Loading...

	www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c	120 kB	2023-05-27	2023-05-27
Pretty URL www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:37 Times Seen2 Hash 9a25b1e3a3fd1195e19e262ba2e54c27 3db1fe4c623765010665d0971a600e21fb057d44 ee7829b8ad54b34dce5cf5c08ca0c7ca44f7b40be74f22aa84de1851b17831b0 Loading...

	send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js	18 kB	2023-03-07	2024-05-04
Pretty URL send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2024-05-04 22:55:47 Times Seen2249 Hash 4a10bcfa0a9c9fa9d503b5a498cac31e c4f6c403e99fb37cb496c3844b332823db7c5837 a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634 Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/invisible.js	25 kB	2023-05-27	2023-05-27
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/invisible.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:37 Times Seen2 Hash f20edfa6723f3b21c647a04ddb3fcc01 a327217c7f219a53ba7f30d96b452c1e7a190670 b409cc589dd9a4c36acfe4f8f21efc5560ca773ddd9078a1374402ba479a4477 Loading...

	unknown	258 B	2023-03-09	2023-12-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:17:08 Last Seen2023-12-13 04:39:26 Times Seen121 Hash 142706d0b3bdf389d89ca29074552cf4 30eb7f76871c57befd3689498c3786aa35bc0729 8dfddd06ce7e1a1eb0cc9c570c85b6f73a734e01e25e756d4625e69fcf98dd02 Loading...

	send.cm/lib/bootstrap/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-05-05
Pretty URL send.cm/lib/bootstrap/js/bootstrap.bundle.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-05-05 04:40:24 Times Seen15709 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 07:18:38 Times Seen344364 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-05
Pretty URL send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-05 08:27:24 Times Seen43661 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	154 B	2023-05-24	2023-06-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 05:58:21 Last Seen2023-06-18 17:22:02 Times Seen15 Hash fd5f42e3a295c9ead3ec2cdfd9d8065e 6e6d26342b2c20d4b4213861f166e9737074e49b 89cdd934c68807295fca66f7b2cfe5050427c5631dcd5e2241e88a4b94344f0f Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/invisible.js	26 kB	2023-05-27	2023-05-27
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/invisible.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 13:31:26 Last Seen2023-05-27 14:09:54 Times Seen5 Hash a2b3858a82e11ae4d9ac83a9e9a9516a ec87119778a83db00035d1323fb064d2158b4e10 ac8f25aeb83031c1b75e0617dee3ad4c9474ed76cb674b51f1f8a9d02165899e Loading...

	chalaips.com/tag.min.js	73 kB	2023-05-26	2023-05-29
Pretty URL chalaips.com/tag.min.js IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 16:50:36 Last Seen2023-05-29 10:30:43 Times Seen192 Hash 55eb2b95f376a652d73458bd05dcbc47 eb793a2eeb526273561e5de40ccbff250f51fdfe 9ce2c4733b4fe317690836ca1f904d17f33d0ac87e18c59db554586274ed7997 Loading...

	send.cm/static/js/jquery.min.js	93 kB	2023-03-07	2024-05-03
Pretty URL send.cm/static/js/jquery.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:49 Last Seen2024-05-03 20:36:44 Times Seen1832 Hash bdce12c949e78d570c8d44e9c2b23508 9afdc4fec954646bd6270caf82f107fdef605bc5 c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Loading...

	send.cm/assets/js/dashforge.js	2.3 kB	2023-03-07	2024-04-28
Pretty URL send.cm/assets/js/dashforge.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:15:58 Last Seen2024-04-28 20:31:06 Times Seen206 Hash 6ede26a7d7238a4ed67bcbdb67b30bb6 581c80a8cfec9844478e3b99b7774221c78d2be9 ccc7d942a1cfa3c238044a4885889799d7b215b5b29b2c48f5db28bececc2040 Loading...

	send.cm/static/js/clipboard.min.js	9.0 kB	2023-03-07	2024-05-05
Pretty URL send.cm/static/js/clipboard.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:35 Last Seen2024-05-05 00:45:14 Times Seen649 Hash ad98572d415d2f2452845a6068a913c0 6674f81dd01c76be986cf0a8172d1073e56d7ef4 baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1 Loading...

	d2dkurdav21mkk.cloudfront.net/?rukdd=984022	165 kB	2023-05-27	2023-05-27
Pretty URL d2dkurdav21mkk.cloudfront.net/?rukdd=984022 IP 54.230.245.115 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen2 Hash 505071c60f48c49ff96d896d3ea96b0a b9c3729a58890a00857babda5221500adaec225c 507a298c31f69bbd18b28aa4e2988fd03edaac3aeafc03f3a923b8e6ad696a6b Loading...

	barnes.send.cm/s.js	66 kB	2023-03-08	2024-05-01
Pretty URL barnes.send.cm/s.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:25:57 Last Seen2024-05-01 19:11:47 Times Seen564 Hash e5461eb0cef4256771e360d6306c3033 f31a23f1e2d15a7a03992010c359833efba3e6b8 78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a Loading...

	send.cm/d/sandbox%20eval%20code	147 B	2023-04-11	2024-05-05
Pretty URL send.cm/d/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 07:18:38 Times Seen344870 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	send.cm/static/js/lwcnCookieNotice.js	53 kB	2023-03-07	2023-09-30
Pretty URL send.cm/static/js/lwcnCookieNotice.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:15:58 Last Seen2023-09-30 21:26:28 Times Seen123 Hash 80ac9c6d6785b91485916869cade2107 181b8192bfad99ae60bfd12d7912301d526e5a25 dca3e0c9cbb4489fc71e12ab3020c2ee13e53c647eb50ce597813969732b570a Loading...

	send.cm/d/LHUG	1.2 kB	2023-05-27	2023-05-27
Pretty URL send.cm/d/LHUG IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 14:09:36 Last Seen2023-05-27 14:09:36 Times Seen1 Hash 35e85f1010f925613a86414719a4fc48 112d993f1083dbd34b115fe7e76d789fff1b9d9b b861e5670c1d928d89240d634f09ad9cfd59754dfa6ef8356c7c8c8c481e61fb Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-05-05
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-05-05 05:00:38 Times Seen31145 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	send.cm/d/sandbox%20eval%20code	136 B	2023-04-11	2024-05-05
Pretty URL send.cm/d/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-05 05:00:38 Times Seen31712 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	send.cm/lib/feather-icons/feather.min.js	66 kB	2023-03-07	2024-04-28
Pretty URL send.cm/lib/feather-icons/feather.min.js IP 172.67.70.55 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:44 Last Seen2024-04-28 20:31:05 Times Seen223 Hash 44dee7fbafd7dc2404fa62713a8398c2 34f8691360e3548d1c9c18534cb0ec38b5c63154 a90582369e8cfed7b41dca4758e2fbe09fccf55b89f0cd0b7d46efd0745db831 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8cd0bfdcba5c481a8e60f3be32914f3f	26 B	2023-03-13	2024-01-31
Pretty Observations First Seen2023-03-13 10:09:53 Last Seen2024-01-31 09:02:32 Times Seen65 Hash 8cd0bfdcba5c481a8e60f3be32914f3f c490065d3e738744d8260b7c1baf473c6a0a619a 20d097ea7d67c1eaf3661836af0c7f2f6fba1a582cdce9e14bf06399c9fb924c Loading...

	#2 Eval - b45e95fea3b5e5dbd7c26831c213e0a3	12 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 13:23:11 Last Seen2024-05-04 02:03:08 Times Seen602 Hash b45e95fea3b5e5dbd7c26831c213e0a3 1c0e809426288719377d38c15904c4af42696fa3 d289508d3517d334034de9a39dec16581aec0d5c06c75bc9cece09aa7a837e80 Loading...

	#3 Eval - 56ce0d6f6004ab8666c22c39fe30415a	10 B	2023-03-13	2024-04-05
Pretty Observations First Seen2023-03-13 10:09:53 Last Seen2024-04-05 09:29:19 Times Seen75 Hash 56ce0d6f6004ab8666c22c39fe30415a 437e919e85ff3eee86348091bb267d2d663a627f 830512cb3931a985111a34be9c834ac0d7f78b479b5afc28d5bfe3ed03fef680 Loading...

HTTP Transactions (92)

URL IP Response Size

send.cm/qr/30PO0

172.67.70.55

200 OK

346 B

URL GET HTTP/3
send.cm/qr/30PO0
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
PNG image data, 135 x 135, 1-bit grayscale, non-interlaced\012- data
Size
346 B (346 bytes)
Hash
f8ee5a6681d233021f555a3315c5b476
5d51f719827038fdc8d08406e9336ca1cffa02ef
59ba215327e562fb9359de819c5eae8cdcc4d37cb55dc22847d9b1feba8c1b59

HTTP Headers

GET /qr/30PO0 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: image/png
content-length: 346
content-transfer-encoding: binary
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xULhsSXJYL9I%2FzQv%2ByJ2cOR2wJ6Xe9nsdAhA2wnoCuPTG6e14E8t2%2BRJIuMEoAMYEeA%2F8GNAvjWnnBYrkOva3F9Rr6jXubrZTt6pmkhu6AI5FHPDi3luoCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e8acb4f7-OSL
alt-svc: h3=":443"; ma=86400

d2dkurdav21mkk.cloudfront.net/?rukdd=984022

54.230.245.115

200 OK

54 kB

URL GET HTTP/2
d2dkurdav21mkk.cloudfront.net/?rukdd=984022
IP
54.230.245.115:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
54 kB (53896 bytes)
Hash
505071c60f48c49ff96d896d3ea96b0a
b9c3729a58890a00857babda5221500adaec225c
507a298c31f69bbd18b28aa4e2988fd03edaac3aeafc03f3a923b8e6ad696a6b

HTTP Headers

GET /?rukdd=984022 HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 53896
date: Sat, 27 May 2023 12:09:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A394XDY8143Qgsi1SLA7oe3gHjotdSNDBPaCIvv956W_yZjPVN3Y1Q==
X-Firefox-Spdy: h2

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff

172.67.70.55

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Size
82 kB (82076 bytes)
Hash
dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Fri, 26 May 2023 04:19:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 882844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sXsl89o%2Bys2FfzUJBsAfeV9B%2BUZlZvY3my0CDiBRrNdQvmt%2Ft7wffJK9tkp%2FWbPsMyn0ocawgsQsLn7CXWYnf%2BJeNmXPxf6Q%2FvZKSnBYXd970k%2BZeLol%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25db6a99b4f7-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff

172.67.70.55

200 OK

77 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Size
77 kB (77420 bytes)
Hash
2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
etag: "5f6356a1-12e6c"
expires: Tue, 09 May 2023 15:47:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1079739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w35swCPXEh%2B1wcxqjJAYqVD8X8sWYDA6ogJdalcsIgM1sHS8sAyngs0K1w8ZY7qYA%2BmJbE7PZIOXHNkxtFqteslRXradL09%2BerpYcqTyo%2FjD0DNNiFkINfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25db6a9bb4f7-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff

172.67.70.55

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Size
82 kB (81760 bytes)
Hash
220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
etag: "5f6356a0-13f60"
expires: Fri, 28 Apr 2023 10:10:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1079739
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOub2hTQ5opAM0E26CXq2f%2F5cApQN9HBGdtOOOGYI1nfIO0oEoprJwjSDHyZy3x%2Fd6MrFYrgXBZ7N%2FiKCCVPIEzScbqMTedxzC7hq4%2BsgtBLuO3yrwuQbiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25db6a9db4f7-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

142.250.74.72

200 OK

63 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (39856)
Size
63 kB (63402 bytes)
Hash
7b26a5914f008d079406e0c44718e8f0
722c4918895f5752873ae0618707a65c906286bf
3e24c661ccff842ede593c7ed0854dab0e5a279feee742daef7e926f9ffef330

HTTP Headers

GET /gtm.js?id=GTM-KXJCD57 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 12:09:15 GMT
expires: Sat, 27 May 2023 12:09:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63402
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

godpvqnszo.com/solid.gif?z=1951167&abvar=0

62.122.171.6

200 OK

43 B

URL POST HTTP/2
godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

gforanythingamgl.info/elJ0bWdVbRceWhkVLgYyLSoxOFYgPyMoLRwERjsBKz42Oj48A1IZDh5vTVVTSmBGSxcTNklcQQkmFRkSCW9FSw4UNBtQQQxvRUNUTnxHX0lIdAFQVlwmBAwAR2NSHRMOPklcUUJnRVVeSWdAW1VN

104.21.93.237

204 No Content

0 B

URL GET HTTP/2
gforanythingamgl.info/elJ0bWdVbRceWhkVLgYyLSoxOFYgPyMoLRwERjsBKz42Oj48A1IZDh5vTVVTSmBGSxcTNklcQQkmFRkSCW9FSw4UNBtQQQxvRUNUTnxHX0lIdAFQVlwmBAwAR2NSHRMOPklcUUJnRVVeSWdAW1VN
IP
104.21.93.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /elJ0bWdVbRceWhkVLgYyLSoxOFYgPyMoLRwERjsBKz42Oj48A1IZDh5vTVVTSmBGSxcTNklcQQkmFRkSCW9FSw4UNBtQQQxvRUNUTnxHX0lIdAFQVlwmBAwAR2NSHRMOPklcUUJnRVVeSWdAW1VN HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 27 May 2023 12:09:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sijUcLVIQl%2Fq0skDWfEOmwX4GzCel27SgAkTAnOnaVA5q8nVFX2xof8njud77KxCEkNVXno8OfsXkzP%2FRQ%2F7tq3ZB3hDIPJsQrjI0%2BwUIJYpQoiFdkaNpWcsMul5fR1fC63RMJYHimk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25dcce6db515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

etheappyrincea.info/QmZJMzcjBCpeCCNbKxVCMAp0FgUEQ3t1U3ACIkZFJgc/AQYvDSIdVC4JPFdRMAknRxksAz0WBQQlH2V9Mj97BwUSNyp1YhEjfndhdz4rZG0YMx9LTQ0kJn52ATA/fHQHAQNJcSEnCGZ5Clc+AXEoHnl7ZSktKHR9EiI+CwAMMBt1dDgVMWVxCC8Hd24OPiVDTQgOIn51FQE7dFATPhlgVCQlPn5dJiQ+cGI4AXB2QC0lBmd5DzMaW1AkICV0bwUwf3ZhCAAqdHIwNCVLWxIBCH1wO1d6ZAYPMStkZnAwH0NAGzU9dG8FMy57BxgCD3R5GDEicVsnVmRLZRoMAAB0JQELUHADEBxlAik/JV9kGgsbAGBzKwBjdAMrC2JyNgJ4QFsaVBtZZXMoAHpwez9vWUQtCDkOZgAoO1ACIQ0RfgIXHiA

52.85.242.80

200 OK

1.2 kB

URL GET HTTP/2
etheappyrincea.info/QmZJMzcjBCpeCCNbKxVCMAp0FgUEQ3t1U3ACIkZFJgc/AQYvDSIdVC4JPFdRMAknRxksAz0WBQQlH2V9Mj97BwUSNyp1YhEjfndhdz4rZG0YMx9LTQ0kJn52ATA/fHQHAQNJcSEnCGZ5Clc+AXEoHnl7ZSktKHR9EiI+CwAMMBt1dDgVMWVxCC8Hd24OPiVDTQgOIn51FQE7dFATPhlgVCQlPn5dJiQ+cGI4AXB2QC0lBmd5DzMaW1AkICV0bwUwf3ZhCAAqdHIwNCVLWxIBCH1wO1d6ZAYPMStkZnAwH0NAGzU9dG8FMy57BxgCD3R5GDEicVsnVmRLZRoMAAB0JQELUHADEBxlAik/JV9kGgsbAGBzKwBjdAMrC2JyNgJ4QFsaVBtZZXMoAHpwez9vWUQtCDkOZgAoO1ACIQ0RfgIXHiA
IP
52.85.242.80:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subjectetheappyrincea.info
FingerprintCA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Size
1.2 kB (1181 bytes)
Hash
2189f26576d9bd5ebeb7eecb6d60e497
f8078b8f6292d8dcf66d791140120bc137c7ac46
520d6e41237f7bb075c9c973b08bdc5e36ace6a6cfb322f00bbcf0bead9ffdc4

HTTP Headers

GET /QmZJMzcjBCpeCCNbKxVCMAp0FgUEQ3t1U3ACIkZFJgc/AQYvDSIdVC4JPFdRMAknRxksAz0WBQQlH2V9Mj97BwUSNyp1YhEjfndhdz4rZG0YMx9LTQ0kJn52ATA/fHQHAQNJcSEnCGZ5Clc+AXEoHnl7ZSktKHR9EiI+CwAMMBt1dDgVMWVxCC8Hd24OPiVDTQgOIn51FQE7dFATPhlgVCQlPn5dJiQ+cGI4AXB2QC0lBmd5DzMaW1AkICV0bwUwf3ZhCAAqdHIwNCVLWxIBCH1wO1d6ZAYPMStkZnAwH0NAGzU9dG8FMy57BxgCD3R5GDEicVsnVmRLZRoMAAB0JQELUHADEBxlAik/JV9kGgsbAGBzKwBjdAMrC2JyNgJ4QFsaVBtZZXMoAHpwez9vWUQtCDkOZgAoO1ACIQ0RfgIXHiA HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sat, 27 May 2023 12:09:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: C_HxGvBdREpnfaOFjtgPe-HytNZgEAon78zyNxhszQJ-GsCQmcQY2A==
X-Firefox-Spdy: h2

cat2.hbwrapper.com/

68.183.18.251

200 OK

15 B

URL POST HTTP/1.1
cat2.hbwrapper.com/
IP
68.183.18.251:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjectcat2.hbwrapper.com
Fingerprint53:88:66:D9:C0:4B:23:EB:64:DA:62:13:BF:CD:E9:93:F8:9F:28:ED
ValidityFri, 05 May 2023 13:23:27 GMT - Thu, 03 Aug 2023 13:23:26 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

HTTP Headers

POST / HTTP/1.1
Host: cat2.hbwrapper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 127
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 27 May 2023 12:09:15 GMT
Server: Apache
Access-Control-Allow-Origin: https://send.cm
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8

barnes.send.cm/s.php?action_name=send.cm%2Flpbgegsvzsz6&idsite=1&rec=1&r=634744&h=12&m=9&s=14&url=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&_id=c6f6a9f10f28066c&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=jMT2AW&pf_net=28&pf_srv=163&pf_tfr=77&uadata=%7B%7D

172.67.70.55

204 No Content

0 B

URL POST HTTP/3
barnes.send.cm/s.php?action_name=send.cm%2Flpbgegsvzsz6&idsite=1&rec=1&r=634744&h=12&m=9&s=14&url=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&_id=c6f6a9f10f28066c&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=jMT2AW&pf_net=28&pf_srv=163&pf_tfr=77&uadata=%7B%7D
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /s.php?action_name=send.cm%2Flpbgegsvzsz6&idsite=1&rec=1&r=634744&h=12&m=9&s=14&url=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&_id=c6f6a9f10f28066c&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=jMT2AW&pf_net=28&pf_srv=163&pf_tfr=77&uadata=%7B%7D HTTP/1.1
Host: barnes.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/3 204 No Content
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.6
content-encoding: none
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmeMUcSN%2FzauVOEy0Tor6K9%2FMCmmJAN6Yu4tRmjs1JV3T4nzWi2jl%2FdFu5YP7Z5rhG0Mj39b%2FVj%2FNyVcFHNnCG%2F1scHnRUDKSC4KW4KvBiIz1RqrG%2FnYmMmrEm%2BjA03d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25dd4d89b4f7-OSL
alt-svc: h3=":443"; ma=86400

send.cm/d/LHUG

172.67.70.55

200 OK

0 B

URL User Request GET HTTP/2
send.cm/d/LHUG
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /d/LHUG HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Fri, 26 May 2023 12:09:15 GMT
set-cookie: aff=1731; domain=.send.cm; path=/; expires=Sat, 10-Jun-2023 12:09:15 GMT
c_7hyj5tegwm4sd2=lpbgegsvzsz6; domain=.send.cm; path=/
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tILu%2BKKI46Q3fNq%2FGR9TdW13ftjxiojCsIarxZ9avQOU1TtZ2Jr09O1gBHAV%2BpTUlpjxgSTDtnKKSeZFRRkb3%2Bko75XxZQMkS%2FYXPEg4OYMLz7G7M0bMlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25dd6db5b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2305270709fda1a39f966a4ea1a5e620780f; Path=/; Expires=Sun, 26 May 2024 12:09:15 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2305270709c6c7ba55dc0b4335abcda68c58; Path=/; Expires=Sun, 26 May 2024 12:09:15 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

godpvqnszo.com/solid.gif?z=1951167&abvar=0

62.122.171.6

200 OK

43 B

URL POST HTTP/2
godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=230527070950542e6d31944d4bbd4e4f739e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

172.67.70.55

200 OK

74 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Size
74 kB (74256 bytes)
Hash
418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-length: 74256
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: "12210-5ae64b14b0680"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-control: max-age=259200
cf-cache-status: HIT
age: 621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VED3KbYrBaZwPGG3dTrMR5FHku2WJczQ%2B2owAlPEoNC%2BrkpExzG0znvfbkwbxlUP8SIHeNZtmRXfB5sGEYbi8e4fkCYoK7izUPOQU9RpOBFTfo5BlpkkqkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25deffefb4f7-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-3400026-25

142.250.74.72

200 OK

47 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-3400026-25
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (2271)
Size
47 kB (46848 bytes)
Hash
facc7e5770e0ef387a71d1b7172411dd
2c663e30d1eb4b330e959dbb222c37d193b37b20
7facd3b189610da3974d21020221994856642751e23c398e2b20f56edb8862ce

HTTP Headers

GET /gtag/js?id=UA-3400026-25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 12:09:15 GMT
expires: Sat, 27 May 2023 12:09:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2305270709c6c7ba55dc0b4335abcda68c58
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=K0E7nlalelkKvhgszt03XF8KdTk47sC6YOn-w4NUCxxIAMDRxfqTTSRuF2mGbvsuLX9LOh8t2DnCZQF7-A3m-4hrxUp54Rk3wcYuLHe2dbfCalldLvoIMlKRPSxU6aab6NYOWETsORW59G4h3FI7iwba9Xju8WogxwGScTCXH1NJvdcwku_k9nBs3qNbEOMR2f_k4jhykE797uqI5sb7HgVAoJNw53POQA_VpVPTJeHxr2Ozo71JKD2-Y1PYlgDHcpbFFq2kqp5wkzyWNgjfyCLJs0wESYmy94fENYvtsSKehdihATnKrmN4cz5-1OTum8Wy5gOtdHE4F2oewXnLuyVzo_B3UO5PW84jr6iCuDzmpkM8vlLYzFuaDRj7ybMxZ5jgMfN1WzF6p0HdMgjHFkAwuzIgov9SYYND8GKJ3Pj6HP0db31qsQTTOmD1WAdeBD8aeJ1niul5D5CAfRCERtOxUZXw4BfmKRDKP6OgwrttI-qRVzbEevSMtO9fPfG179DuSAvuaj6P5Orry-24Iu2ZZGG0wrgyBEPizqUnErvU60jBMs5hdhsFJnZW_X-1jo97wqOfeGfzpmuPo5VfHY-x3MLkd-fNVhT1_tfxf9dJHOdTrmPYQYWBizSis54MOdA3l6ON44qxL7SAh6kVJx_A30Et46t_31ncUoVRaISXSEREy6Z7xBhPawQqyI287wIXp2vQbQQFg56B_mgr6uH1lcLyh5ig3D4fnRh8QPG3YKpvskaBqms3atNuqPTDrKph-pW336g=&sp=1&cb=_clkk8xw46mwbdsj7yx10t4&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2305270709c6c7ba55dc0b4335abcda68c58
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3y3ervbn4bj3x92x2rox&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=110440569560815

62.122.171.6

200 OK

35 kB

URL GET HTTP/2
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl3y3ervbn4bj3x92x2rox&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=110440569560815
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with very long lines (61227)
Size
35 kB (35035 bytes)
Hash
8b6be16b20beec8e764234656e8d3569
dbfdf82571c4cff30c76a748bb9b967507243ac9
d379dc590a3a46f73ec154489db5c558237e21dc84a6ecaeb54b94346ba5fce9

HTTP Headers

GET /get/1951167?zoneid=1951167&jp=_cl3y3ervbn4bj3x92x2rox&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=110440569560815 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230527070950542e6d31944d4bbd4e4f739e; Path=/; Expires=Sun, 26 May 2024 12:09:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

etheappyrincea.info/utx?cb=4cVQzroDvz9q&top=send.cm&tid=984022

52.85.242.80

204 No Content

0 B

URL GET HTTP/2
etheappyrincea.info/utx?cb=4cVQzroDvz9q&top=send.cm&tid=984022
IP
52.85.242.80:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subjectetheappyrincea.info
FingerprintCA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=4cVQzroDvz9q&top=send.cm&tid=984022 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 May 2023 12:09:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 12:10:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 0X_GPLYN-kVhzKQKPq-25c_HDoBR_3VYH0twzX0EEGu6dO__0s1F9w==
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

172.67.70.55

200 OK

12 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (25040), with no line terminators
Size
12 kB (12248 bytes)
Hash
f20edfa6723f3b21c647a04ddb3fcc01
a327217c7f219a53ba7f30d96b452c1e7a190670
b409cc589dd9a4c36acfe4f8f21efc5560ca773ddd9078a1374402ba479a4477

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9kwDyfccm7Jq314ufvyDzgNFdWoZKbqg30Zs3dz6iIpFI0HUHLzvQ%2FWZ4rvEOqD7L9TFhATanJ9YpA6LGcXOZYJ4COOz7PBXMqB2t65IhTYFvpDDSsD0ZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25df78a9b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2305270709c6c7ba55dc0b4335abcda68c58
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

prebid.a-mo.net/a/c

147.75.84.158

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
147.75.84.158:443
ASN
#54825 PACKET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1984
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: max-age=0, private, must-revalidate
date: Sat, 27 May 2023 12:09:15 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2

pogothere.xyz/

104.21.0.182

200 OK

28 B

URL GET HTTP/2
pogothere.xyz/
IP
104.21.0.182:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
9b508a8bbb297ccaacf6475e03f9a022
bd6472892d2e01d1a1a4adb2043309225e8eefc0
d644fdc9bca96054f213bdbd54b739e8ed8229318f828314f58be1004379c3f1

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/plain
set-cookie: csu=1815545238345519@1@1685189355; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ar1GhEqIwq%2Fij3qQdfwaH3R%2BIVY1QTlCszQFqW9Z37v54fzdZT80SFAGtJTow%2BCfDG7bBptiZsQURV7nAojP53a9uVR3DRqET86Ac7Mhs9ka41mQ6d6xDZqCgjEgM4Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25dfb83c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.89.9.253

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.89.9.253:443
ASN
#16276 OVH SAS

Requested by
https://send.cm/d/LHUG
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2200
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://send.cm
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL GET HTTP/2
limurol.com/ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1951167/?pb=ae04d9ba99e332c8081a351625c7965c1685196555&psp=VR0_W99OOqLmYBg1Pb2GgmRazHLbjPc7XHkNwYPQp23WL_WHQuIgrV5kPxnbZGnIov7o0MTS2uD0OXsVoNZdBvIYs4PWPUNDhichAOUJOiRysTHVAp8GW4V7byUr5XIdT19Jn7Ir464WO7OAUI9BOayGoHl-C91UiWn8Gc6VxAXGR77d9Ve0FEBSgtx_ibsHxZFLx-N4PCWgjxpTsEJ-l57_VaIn11-1mZujo02LEAsTH9QPAdsbHXc4Ssu4waPdxR3oHOzhUbVxgoe37aKWWZORSv0nz1E9GIcGlyGaE_ezl2Xc5DieBTKLa4BzNfPmGhrGhvexMQcmX9QuonYJY8c-dJJsMsS2ZpCrflssEfRTp0UmrX4VhfhmiTzzqnkuy977ivOi1LIYuK6cJKJrG07fHPwQar_OdZKcer2-dehJEJtnxCjQBQmfzv7JmHK4oHDeHij_5DBv2L9wPHoG7Cl7tFr27wAnyVUPmazU8whGVvXZ__FKl1-8KfYxMar2r_MIkQoxY3wyDXfyfIpO7bH_4KubzoBO0Orh290cZRy_mlBBT_PLoQSDXy5VkCbp0W_Nch2KMxDWmvhjNqLJ7vtQEkH3zGQ4fdQnZuJoE3K1Yw95-8t9fucbwU7b-Jlh7B5-yxIsaC_P6j7c4XmvPddKYwrocDimrueSzHGbcsdNI4g80fKDNZs2hKsfH0lmTtZz0LkaxraL9SHZsUqPt4G9_FbAn5qE-s7wwJWfMZd7zRVFOgDYYYIgv7yzkmBnLum57N_BwTc=&sp=1&cb=_clee4cwacvaoxw992j4jvz&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2305270709c6c7ba55dc0b4335abcda68c58
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff

172.67.70.55

200 OK

77 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Size
77 kB (77420 bytes)
Hash
2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6; __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
etag: "5f6356a1-12e6c"
expires: Tue, 09 May 2023 15:47:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1079740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znthU59yE6u8gV5TDan5Z04wB6fJrQ6pzvvPQCpD8xhzJcbvH7ri%2FdFaqhtXuWeJm2xqRBStXOzHQ%2Bt9zAdA%2BwnVhYv5Gjib112NYFenSBWr68RXlXn1s18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e27dedb4f7-OSL
alt-svc: h3=":443"; ma=86400

send.cm/lib/bootstrap/js/bootstrap.bundle.min.js

172.67.70.55

200 OK

105 kB

URL GET HTTP/3
send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (65297)
Size
105 kB (104635 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /lib/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"1332b-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:01:21 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmJHeX9RTebJ4%2BaFwZiUypZU85lIHtxd%2BTF4aCS66KWtFWxCjwAs4kaECRt9GrIX4lPK5HbEwuObEzRwt0jqZ2iHqmADLHKuPsIloTSJ3lRIRRJKmTPrdaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25deffe0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff

172.67.70.55

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Size
82 kB (82076 bytes)
Hash
dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6; __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Fri, 26 May 2023 04:19:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 882845
accept-ranges: bytes
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdEcWNDvOBQ2tjcyvVuyuSUTl60mTnTo6KSiRo3Lo%2BfM7qJexC9madlbUguwvIwBn0uea5FkuPpCdvn5%2B1UEzO89iBMjNk%2FWIwYbBUC3E7NYkTHbCIh5mSw%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=O.nZsZASJU3wMqq.i2p0IRGcBCFcnWmW9NPVnDehn2s-1685189355-0-ASdDakb8iKTdDgRRrkZD8xQhr7t7YlBel2mHbfh7FcDwCbd-2RfMfGgSCafB8ChsLtHLB81Lfn176aSbI8TGRdrd_T1ehvGNvAZ9jrObMAMoljLon_1jdQ-B8gvtm8pvOKVI3hSfqtFixcC9ugEs6KE"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=O.nZsZASJU3wMqq.i2p0IRGcBCFcnWmW9NPVnDehn2s-1685189355-0-ASdDakb8iKTdDgRRrkZD8xQhr7t7YlBel2mHbfh7FcDwCbd-2RfMfGgSCafB8ChsLtHLB81Lfn176aSbI8TGRdrd_T1ehvGNvAZ9jrObMAMoljLon_1jdQ-B8gvtm8pvOKVI3hSfqtFixcC9ugEs6KE; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 7cde25e27deeb4f7-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneErq4lAdg3pfAvS4cFPSYWzwD3mDvAbmS3iTP9rjRQfBfJUYqD8Ku5OyQMFGjp6HjYKGFreSg

216.58.207.237

302 Found

399 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneErq4lAdg3pfAvS4cFPSYWzwD3mDvAbmS3iTP9rjRQfBfJUYqD8Ku5OyQMFGjp6HjYKGFreSg
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Size
399 B (399 bytes)
Hash
e3453ac89070b2587f7357f88cbf8a82
6a82dab387521582bbf0f9a501e394779bd5fd5d
6a23bf0da02d66093004e1791961d1416cee710f7585465cd1c111fbca51aa4c

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneErq4lAdg3pfAvS4cFPSYWzwD3mDvAbmS3iTP9rjRQfBfJUYqD8Ku5OyQMFGjp6HjYKGFreSg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:p2WU2_bfB3H9WoGFrn89rRrY67pdkA:8B6gwlRXtGp7OhXW;Path=/;Expires=Mon, 26-May-2025 12:09:16 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-788054214%3A1685189356075418&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG6b5AVnkRdDJkbyYTwj2rGJJP4Pq6T77g95cwTvuQFrYhM848FJO9JI157PLnntx6LKkVx&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-nqFSje218WItXqFZ_atmSQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHfDprjj6aIN-d-ISsMSBJDAS4cJFaied4qAeHUx-cjUcpz2P0sWQeSYsthCTL9cdlKiz-vtw

216.58.207.237

302 Found

393 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHfDprjj6aIN-d-ISsMSBJDAS4cJFaied4qAeHUx-cjUcpz2P0sWQeSYsthCTL9cdlKiz-vtw
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size
393 B (393 bytes)
Hash
d88423add89be00c59e0ae6c31ee18cc
a33dbbf618f53961f8a0c9197c4b285085dc0f5c
8d43c0c9f24d78f5d2408b2d95269f492ce6a51e02c269855da7cca06ebd0544

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHfDprjj6aIN-d-ISsMSBJDAS4cJFaied4qAeHUx-cjUcpz2P0sWQeSYsthCTL9cdlKiz-vtw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:THxM47u8z2Jt2fE2vbI4QsgwTgomYQ:W5VTPAkGKX5fpQuE;Path=/;Expires=Mon, 26-May-2025 12:09:16 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1509873484%3A1685189356092106&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE0aqLsfNif9mWN04jWqiFwf_B80KE5PZfFE_Jfues2HOqph6jbfKL4zgze-BJVtskq7u0D&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-0ry1CMlE2rJXigFl_I_S_g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

id.a-mx.com/sync/?tagId=&ref=null&u=https://send.cm/d/LHUG&tl=https://send.cm/d/LHUG&nf=0&rt=true&v=7.47.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=

104.21.41.253

302 Found

0 B

URL GET HTTP/2
id.a-mx.com/sync/?tagId=&ref=null&u=https://send.cm/d/LHUG&tl=https://send.cm/d/LHUG&nf=0&rt=true&v=7.47.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
IP
104.21.41.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjecta-mx.com
Fingerprint93:1B:3E:6F:0C:42:D4:9E:E2:06:0B:31:BD:11:83:9D:CF:0D:0C:67
ValidityMon, 01 May 2023 03:57:58 GMT - Sun, 30 Jul 2023 03:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/?tagId=&ref=null&u=https://send.cm/d/LHUG&tl=https://send.cm/d/LHUG&nf=0&rt=true&v=7.47.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 27 May 2023 12:09:16 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN098SETZdlQm6uCy7a6POAQTJqQgEl3N%2B8yxUpRay0xBI4dLCRoV%2F%2FTUV9tNLoC54y%2BceeEAgOVeY3CyuDlP7XiGUudD6duqJ%2Fzm%2F4yZlV5Ix%2Bh%2FPX%2F6W%2F1%2Fu6r8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e64f0f067b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c

142.250.74.72

200 OK

47 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (2271)
Size
47 kB (46851 bytes)
Hash
9a25b1e3a3fd1195e19e262ba2e54c27
3db1fe4c623765010665d0971a600e21fb057d44
ee7829b8ad54b34dce5cf5c08ca0c7ca44f7b40be74f22aa84de1851b17831b0

HTTP Headers

GET /gtag/js?id=UA-3400026-25&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 12:09:16 GMT
expires: Sat, 27 May 2023 12:09:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.seedtag.com/c/hb/bid

34.149.50.64

200 OK

136 B

URL POST HTTP/2
s.seedtag.com/c/hb/bid
IP
34.149.50.64:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerSectigo Limited
Subject*.seedtag.com
FingerprintD7:38:7D:87:90:5E:88:AC:D9:97:58:89:77:52:22:2C:08:05:47:92
ValidityWed, 29 Mar 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
136 B (136 bytes)
Hash
30228d99905dd8a17339460b1942aa4e
a8e662e41451cbbe3d2e21e0e3850ab3b107bd5e
4d8af0179a8b3575c092f021ba311acc577d0b625061554e1034bfff0c082b85

HTTP Headers

POST /c/hb/bid HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 536
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/json; charset=utf-8
vary: X-HTTP-Method-Override
set-cookie: st_uid=224984e1-fd85-41d5-a7e3-0fa75d8f6444; Max-Age=31536000; Domain=.seedtag.com; Path=/; Expires=Sun, 26 May 2024 12:09:16 GMT; Secure; SameSite=None
st_ssp=Y291bnRyeV9uYW1lPU5vcndheSZjb3VudHJ5X2lzbzI9Tk8mY291bnRyeV9pc28zPU5PUiZyZWdpb25fbmFtZT1Pc2xvIENvdW50eSZyZWdpb25faXNvMj0wMyZjaXR5X25hbWU9T3NsbyZsb25naXR1ZGU9MTAuODU5JmxhdGl0dWRlPTU5Ljk1NSZ6aXA9MTI5NA==; Max-Age=2592000; Domain=.seedtag.com; Path=/; Expires=Mon, 26 Jun 2023 12:09:16 GMT; HttpOnly; Secure; SameSite=None
etag: W/"4f-WpE6i1mrTXmcfM0IZv2NorsvqAo"
access-control-allow-origin: https://send.cm
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D

104.19.158.19

302 Found

0 B

URL GET HTTP/2
c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
IP
104.19.158.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:9A:A5:22:8B:F5:F4:56:F1:AD:3B:51:E0:FC:76:DF:3C:9F:C4:26
ValidityFri, 31 Mar 2023 00:00:00 GMT - Fri, 29 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP/1.1
Host: c3.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 27 May 2023 12:09:16 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://id.a-mx.com/set?uid=e5e96f32-e44a-415b-8be7-7191d27078bf&gdpr=0&gdpr_consent=&us_privacy=null
access-control-allow-origin: null
access-control-allow-credentials: true
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e76f5db50c-OSL
X-Firefox-Spdy: h2

gforanythingamgl.info/emViWUpVWgEqdykOODUYFwEbOiYwEjcBAEg9KmASHy0kASxLUUQtIx5YW2l5QlRRfzoTAV9obAkRAy0/CVhTfyMUAw1kbAxYU3d5TktRa2RIQxdke0JUV2x+T1dRYXlOUFdoc1wREjgtR1REKT4OCV9ofEJQU2FzSVBUa3NM

104.21.93.237

204 No Content

0 B

URL GET HTTP/3
gforanythingamgl.info/emViWUpVWgEqdykOODUYFwEbOiYwEjcBAEg9KmASHy0kASxLUUQtIx5YW2l5QlRRfzoTAV9obAkRAy0/CVhTfyMUAw1kbAxYU3d5TktRa2RIQxdke0JUV2x+T1dRYXlOUFdoc1wREjgtR1REKT4OCV9ofEJQU2FzSVBUa3NM
IP
104.21.93.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /emViWUpVWgEqdykOODUYFwEbOiYwEjcBAEg9KmASHy0kASxLUUQtIx5YW2l5QlRRfzoTAV9obAkRAy0/CVhTfyMUAw1kbAxYU3d5TktRa2RIQxdke0JUV2x+T1dRYXlOUFdoc1wREjgtR1REKT4OCV9ofEJQU2FzSVBUa3NM HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 27 May 2023 12:09:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYPCnmT41YeDllJaGsjQdlP74yPAnZTQiVEpYX8miIz%2FxIo9GVkYAfyZXXvih1tDgrTOWkTUgC%2BLFvX1aYvgDq4WOUypr3i%2FUdXH4eqynzswSItvXBavcCfs1IprsyUg%2BCZoj8GRAtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e6dccbfac0-OSL
alt-svc: h3=":443"; ma=86400

etheappyrincea.info/utx?cb=lGZExfDzPqlC&top=send.cm&tid=903813

52.85.242.80

204 No Content

0 B

URL GET HTTP/2
etheappyrincea.info/utx?cb=lGZExfDzPqlC&top=send.cm&tid=903813
IP
52.85.242.80:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subjectetheappyrincea.info
FingerprintCA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=lGZExfDzPqlC&top=send.cm&tid=903813 HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 May 2023 12:09:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 27 May 2023 12:10:16 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: rT0RwrLoRZzAgtBTncGOcsJvCq9EJte7SC65p1bLwTePYOlzL3GOSA==
X-Firefox-Spdy: h2

etheappyrincea.info/OXNkYlNYEQcPbFhOBkQmSx9ZR2F/VlYkNwgGAwsjTR4FUTBeHwZMMFUcEQY1SxwKFn1XFhBHYX8jPiQ/YxYhKxt3GQcHNWsyEzIGb0QyJSNRIDwkEHQKCzofeyEPJAdKAicFI0s/Dg0/YCtcLxx4MQ8DBQ0GJjYwHEEmMARoMSoYI38QVCtnaSEUR2F/JixaJ3owVDIJfSYoLCtoACoKMEo3IBp2CzUgMR1jPSA7EHIEA1Mcf0ITKz5BQDclN24SPCcSWkIyWjJTAwo0PlJCITEkazo8GhhaGxwKMUAXVDcbQQIrDzduEjcRHGNCBzsyfBtTMT5VBDw6EWwjDk8kWzg1FmtYCVEVBX4bFDEbdyYFKityEAMrJHILVAkQQDVcMTRrJQUlO24QDysgYzYIVAVuCxc2G10kBQ8VdRcIJCBYNiFEOUocChJudTAMDAALJRwjaw

52.85.242.80

200 OK

1.2 kB

URL GET HTTP/2
etheappyrincea.info/OXNkYlNYEQcPbFhOBkQmSx9ZR2F/VlYkNwgGAwsjTR4FUTBeHwZMMFUcEQY1SxwKFn1XFhBHYX8jPiQ/YxYhKxt3GQcHNWsyEzIGb0QyJSNRIDwkEHQKCzofeyEPJAdKAicFI0s/Dg0/YCtcLxx4MQ8DBQ0GJjYwHEEmMARoMSoYI38QVCtnaSEUR2F/JixaJ3owVDIJfSYoLCtoACoKMEo3IBp2CzUgMR1jPSA7EHIEA1Mcf0ITKz5BQDclN24SPCcSWkIyWjJTAwo0PlJCITEkazo8GhhaGxwKMUAXVDcbQQIrDzduEjcRHGNCBzsyfBtTMT5VBDw6EWwjDk8kWzg1FmtYCVEVBX4bFDEbdyYFKityEAMrJHILVAkQQDVcMTRrJQUlO24QDysgYzYIVAVuCxc2G10kBQ8VdRcIJCBYNiFEOUocChJudTAMDAALJRwjaw
IP
52.85.242.80:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subjectetheappyrincea.info
FingerprintCA:17:98:7B:06:0A:D6:B9:7E:AA:96:FD:C8:F2:25:18:71:71:A8:4E
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Size
1.2 kB (1189 bytes)
Hash
6df4656d6caf75ef5c0f06296ed37bd4
bbfcf776aa9049d4e685008d633e9e5aff518289
ec745659ef755b9f5b56dc03a803c515eb69eb4ad5380993476518572768aee3

HTTP Headers

GET /OXNkYlNYEQcPbFhOBkQmSx9ZR2F/VlYkNwgGAwsjTR4FUTBeHwZMMFUcEQY1SxwKFn1XFhBHYX8jPiQ/YxYhKxt3GQcHNWsyEzIGb0QyJSNRIDwkEHQKCzofeyEPJAdKAicFI0s/Dg0/YCtcLxx4MQ8DBQ0GJjYwHEEmMARoMSoYI38QVCtnaSEUR2F/JixaJ3owVDIJfSYoLCtoACoKMEo3IBp2CzUgMR1jPSA7EHIEA1Mcf0ITKz5BQDclN24SPCcSWkIyWjJTAwo0PlJCITEkazo8GhhaGxwKMUAXVDcbQQIrDzduEjcRHGNCBzsyfBtTMT5VBDw6EWwjDk8kWzg1FmtYCVEVBX4bFDEbdyYFKityEAMrJHILVAkQQDVcMTRrJQUlO24QDysgYzYIVAVuCxc2G10kBQ8VdRcIJCBYNiFEOUocChJudTAMDAALJRwjaw HTTP/1.1
Host: etheappyrincea.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1189
date: Sat, 27 May 2023 12:09:16 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: QSTthiLHTIuaEMm8X7HAaoSJuv8-Z50YvaeMHMOffjYyHPiVccGW1A==
X-Firefox-Spdy: h2

chalaips.com/tag.min.js

139.45.197.242

200 OK

24 kB

URL GET HTTP/2
chalaips.com/tag.min.js
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjectchalaips.com
Fingerprint28:94:6E:5D:AE:BB:B3:9F:3B:95:34:54:7C:9C:4E:C9:58:2F:F3:00
ValidityTue, 21 Mar 2023 11:43:54 GMT - Mon, 19 Jun 2023 11:43:53 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23519 bytes)
Hash
55eb2b95f376a652d73458bd05dcbc47
eb793a2eeb526273561e5de40ccbff250f51fdfe
9ce2c4733b4fe317690836ca1f904d17f33d0ac87e18c59db554586274ed7997

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: chalaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:16 GMT
content-type: text/javascript; charset=utf-8
content-length: 23519
content-encoding: br
x-trace-id: bf308fb63cc6e08474646945a13635ae
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 26 May 2023 13:26:23 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

d1ugiptma3cglb.cloudfront.net/PZFlZeEIHNjcefRAwPUV7VGphSXFCMyoXLBRkFTsqCgprLjolYX8MOABkaV4uBTc+RWQBNzpFc0I4PRp/UH8tCC0PZDULNxQsNhcsDDx/DSNZNDYCKwg1OF1wImx3SGdWaXEAc1V8ajpnVmk1ESwRIXxKchxhbyd0UHxqOmdWaSsOZ1cYaEh7SmlwXXBUPj-wbKQt8az5wVGhpSHNUaHxKcgIwKx0kCyF8SgRVaGhWckIsZEl6VWxsTHdWamFLdlFsaEE

54.230.245.7

494 B

URL
d1ugiptma3cglb.cloudfront.net/PZFlZeEIHNjcefRAwPUV7VGphSXFCMyoXLBRkFTsqCgprLjolYX8MOABkaV4uBTc+RWQBNzpFc0I4PRp/UH8tCC0PZDULNxQsNhcsDDx/DSNZNDYCKwg1OF1wImx3SGdWaXEAc1V8ajpnVmk1ESwRIXxKchxhbyd0UHxqOmdWaSsOZ1cYaEh7SmlwXXBUPj-wbKQt8az5wVGhpSHNUaHxKcgIwKx0kCyF8SgRVaGhWckIsZEl6VWxsTHdWamFLdlFsaEE
IP
54.230.245.7:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (674), with no line terminators
Size
494 B (494 bytes)
Hash
6951386bd35fd9ce7f4cdd6054f2e7b5
6dfcda5ee4f98885759638d6d4e890a34c98a837
1d08ab9619050dfc73a9ca0961d0a8189538aa0dfcbe0c94ceb7921206643680

HTTP Headers

GET /PZFlZeEIHNjcefRAwPUV7VGphSXFCMyoXLBRkFTsqCgprLjolYX8MOABkaV4uBTc+RWQBNzpFc0I4PRp/UH8tCC0PZDULNxQsNhcsDDx/DSNZNDYCKwg1OF1wImx3SGdWaXEAc1V8ajpnVmk1ESwRIXxKchxhbyd0UHxqOmdWaSsOZ1cYaEh7SmlwXXBUPj-wbKQt8az5wVGhpSHNUaHxKcgIwKx0kCyF8SgRVaGhWckIsZEl6VWxsTHdWamFLdlFsaEE HTTP/1.1
Host: d1ugiptma3cglb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etheappyrincea.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 494
date: Sat, 27 May 2023 12:09:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zFdcsQj4LA04CqoWAzVM5rOmymz_l_0Np08X_6ZiJrNFbaLPLBa_Ig==
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=4545a7d8854644faa878bb79f947f731

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=4545a7d8854644faa878bb79f947f731
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
cf7435e2704f75c08dd498067a807ab0
affa594628e14d4c5dd603d9146b69238247b330
3bf77078ca5ad0fc276516067008dad65989a9f75450a6f93cff1fa673ca60d0

HTTP Headers

GET /gid.js?userId=4545a7d8854644faa878bb79f947f731 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://send.cm
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4545a7d8854644faa878bb79f947f731; expires=Sun, 26 May 2024 12:09:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

pl15995674.highrevenuegate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json

192.243.59.13

403 Forbidden

0 B

URL GET HTTP/1.1
pl15995674.highrevenuegate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14
ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: pl15995674.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 27 May 2023 12:09:17 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGpg4u5gB9rYAzhrZ40k_kP3eVVCMvFRbt8wccxGbeASJh4oiLtgWkBVZGPejoq78d0hgjO

216.58.207.237

302 Found

397 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGpg4u5gB9rYAzhrZ40k_kP3eVVCMvFRbt8wccxGbeASJh4oiLtgWkBVZGPejoq78d0hgjO
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size
397 B (397 bytes)
Hash
1e943a5c13cb6d45b5cad69a6fa6ddfa
46d923f370e30fcb1a4e9429b907bb52bddcf113
6e53b6ed8f60119f302f147c0d13b5daf24e0949fe1b73dfda3f3c070e0db75e

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGpg4u5gB9rYAzhrZ40k_kP3eVVCMvFRbt8wccxGbeASJh4oiLtgWkBVZGPejoq78d0hgjO HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:jh23SUpihVjY2bYUjuEq5YXiGjdsYQ:pgU8J8TBOhwSE8mD;Path=/;Expires=Mon, 26-May-2025 12:09:17 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-905270983%3A1685189357295043&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFXqkryp2HVAWZKAI8bATmxWBQ7iMTOYUjm3jBbOYxb35-FRIWRVjcwwhqIPowaR99lYaG_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ih2WcTAav95dVwlNkK2-oA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneG23YqYho1w640wPMcuHMYR42Chaqg96GpOr4G03pMmPCVNeSe4kyxQPH6QPTnLOeXVPNfb

216.58.207.237

302 Found

399 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneG23YqYho1w640wPMcuHMYR42Chaqg96GpOr4G03pMmPCVNeSe4kyxQPH6QPTnLOeXVPNfb
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size
399 B (399 bytes)
Hash
4a273db4a0247dd84db9d3e932e080d2
3cabf889d13789f1af8d5075ff24449487d8117c
585b9d4c095f0a97d6c63e45f75e5f7651c6bcba936ff0f504102c8b7bf78242

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneG23YqYho1w640wPMcuHMYR42Chaqg96GpOr4G03pMmPCVNeSe4kyxQPH6QPTnLOeXVPNfb HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:aPF9xZ6j823-X_uYZqOVFGgRCVRNZQ:Ca5u4CvOCZ3ny-Sp;Path=/;Expires=Mon, 26-May-2025 12:09:17 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-536698550%3A1685189357304598&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneF-jL3MZaYn2MO49CCorFHOinrMaKSRaM3H7PvZ1-wiC6uQajgUYs-R1IiXAYAdXm2F7ymRsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-yVOqD_ZP5vTMcvtnvXPCvQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=

147.75.84.158

0 B

URL
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP
147.75.84.158:0
ASN
#54825 PACKET

Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Sat, 27 May 2023 12:09:30 GMT
server: envoy
x-envoy-upstream-service-time: 1
vary: Accept-Encoding
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/scripts/invisible.js

172.67.70.55

302 Found

14 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
data
Size
14 kB (14323 bytes)
Hash
a318e05fcf035fb81d1d164fb5f58a9f
3c5c6ddb7bb4df4ec81ea0f01653ab2676fc2f6c
8d4f1c4535873978941ebae3b74557a912ce2664de879fe356d0a6ac9a149c94

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6; __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp; _lr_retry_request=true; _lr_env_src_ats=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 27 May 2023 12:09:16 GMT
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7m6VDMJ0TtEhDFOhYOfAiaPJ73cijBx0zQnM0RqPclBsmrrC%2BBS3jx9iLW%2BttKcMwMOz0bS6ruuqsz0%2F2M2ACGqFFwx6QY5eTbD%2FV65rAcQ8X%2F7Cnxb0peY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e71cc6b4f7-OSL
alt-svc: h3=":443"; ma=86400

godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js

62.122.171.6

200 OK

85 kB

URL GET HTTP/2
godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with very long lines (64959)
Size
85 kB (84972 bytes)
Hash
0812a8bf5c1c1e239ff337a622c7a89b
50eebe8ff4820f3553c38ef1f63dcf94bb8e9bfb
8f3aea3e305a912052f8c54fce21ca754f095ded9d35a9c1684b846376dc5e65

HTTP Headers

GET /aas/r45d/vki/1951167/a6cdd247.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=230527070950542e6d31944d4bbd4e4f739e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 08:36:45 GMT
vary: Accept-Encoding
etag: W/"645ca91d-14c36"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

barnes.send.cm/s.js

172.67.70.55

200 OK

66 kB

URL GET HTTP/3
barnes.send.cm/s.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (63519)
Size
66 kB (65754 bytes)
Hash
e5461eb0cef4256771e360d6306c3033
f31a23f1e2d15a7a03992010c359833efba3e6b8
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a

HTTP Headers

GET /s.js HTTP/1.1
Host: barnes.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=65842
etag: W/"10132-5fa39a5b1cdd7"
last-modified: Wed, 26 Apr 2023 09:13:03 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cache-control: max-age=259200
cf-cache-status: HIT
age: 2394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dn3LJOyNSMkDI9FP4VoCMJi2yR%2FSmrABkOVFklS9U41xiE1COcCrP%2FJZp3RJXTqO9bnjq%2B%2FMTdmDKgZIk1CYCMFiuxMPSJGb7IAk5%2FlrIVWXhswthAO%2BQ%2FWnrRocjMnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25dbcb54b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/js/clipboard.min.js

172.67.70.55

200 OK

9.0 kB

URL GET HTTP/3
send.cm/static/js/clipboard.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (9258), with no line terminators
Size
9.0 kB (9034 bytes)
Hash
db9c29b300b6e957b611f437fe482b0c
a7ca1b86b66aa417e5ded8bddf571bd28775d7d1
02b7776bbff33fa250331338c8a085b5447d8575283a7943519c56f72215b2b2

HTTP Headers

GET /static/js/clipboard.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Dec 2022 18:00:20 GMT
etag: W/"234a-5efcd82834534-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:03:31 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvec7%2FlVxpdYe1C6Z7IYlI26vcZFA2t54NmvQq7uXrT2cAZUIuzfxn3xL%2FcwwQK8P2WHq1J2KczCcCgJOJS67GJjtgmfqHr2IzKj%2BHXfmnQUQvfgOWUwPVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25deefddb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/LHUG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
set-cookie: __Host-GAPS=1:yYfc2L-i_Em4h6-umLLv3fFRBA-_Ew:aQz4Uv5aC59o5tJZ; Expires=Mon, 26-May-2025 12:09:15 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:15 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneErq4lAdg3pfAvS4cFPSYWzwD3mDvAbmS3iTP9rjRQfBfJUYqD8Ku5OyQMFGjp6HjYKGFreSg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-QYOd_NaQug6-YGgBQHUYkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css

172.67.70.55

200 OK

6.8 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (7103), with no line terminators
Size
6.8 kB (6752 bytes)
Hash
3a4e6fe620850879f073fbeb7d915969
1ea842aabcf1d80ffd383b84c8da0650baefc68f
5a072970160446a139243170334741139bd414e1285dfd785bd552db7c263f80

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/css/fa.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jan 2022 10:52:41 GMT
etag: W/"1a60-5d6de95650b32-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:07:56 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swlClgv9shD2kotzjCEkAf5s6%2F1UqB7hd8BxN%2B6HXm0iXek0nXXVu6eysZ6Kc3nh1qeD33joD3bcRFqWtmHvDQeWU6%2BXAkIQ%2FuAn6bcVtnuWMkmNvy39K1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e89ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

p.gcprivacy.com/t/gcid_s.min.js

54.230.111.59

403 Forbidden

0 B

URL GET HTTP/2
p.gcprivacy.com/t/gcid_s.min.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subject*.gcprivacy.com
Fingerprint16:B6:01:12:52:A3:4C:6E:33:F8:D8:23:33:67:08:B1:D3:0B:5D:4F
ValidityThu, 23 Feb 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: CloudFront
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CxbvAXXOh7xF-4NsyHt1GM_ngQGvzmN8-ANp6NoiVNu0Z8qKXC__-w==
X-Firefox-Spdy: h2

send.cm/assets/js/dashforge.js

172.67.70.55

200 OK

2.3 kB

URL GET HTTP/3
send.cm/assets/js/dashforge.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (2286), with no line terminators
Size
2.3 kB (2271 bytes)
Hash
6c469db96744ab501de112c9fac8f15e
a9795764586d64d918bb8a433b1d3043a61a6a70
d7d2ab9143404f0500f004976b62f44516128747d69ef3994a9a18b479173efe

HTTP Headers

GET /assets/js/dashforge.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=3370
etag: W/"d2a-5d2f044f765a3-gzip"
expires: Sat, 27 May 2023 12:23:27 GMT
last-modified: Sun, 12 Dec 2021 10:17:54 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTrK74%2BeCu1Fc%2F%2BCBOKFdeOgo7c8gMz2clauz%2F8KELHDbydLgZhc%2FmuZaMBg7BtyRNz6FgUttyzOVJyBmzb9KICuDjlrgUDOTg%2Bqhd93j9PeE32uBaDUApo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e8aeb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512

172.67.70.55

200 OK

2 B

URL POST HTTP/3
send.cm/cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12353
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp; path=/; expires=Sat, 27-May-23 12:39:15 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRYRb9PG4u80rMew%2FOPdm45GsppQW%2BStq5roAS9Pua%2FEexjO%2Fw%2BFRkpir4x3ago3nHXeJNF8SYkjIO%2Fdh7jLKE1b8Zb9zK1yeTqYwssf%2Fl%2FpYRIern17GMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e1fd42b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

0 B

URL GET HTTP/3
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
set-cookie: __Host-GAPS=1:MIQzdQq_JnLZBFtZ7FOLfcXTXQzFtQ:IZhWD3qQAYq4nFDH; Expires=Mon, 26-May-2025 12:09:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGpg4u5gB9rYAzhrZ40k_kP3eVVCMvFRbt8wccxGbeASJh4oiLtgWkBVZGPejoq78d0hgjO
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-mngDhBwhYKOsN1_nP04LIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

increaserev.com/ads/ob/tage/aaw.sendcm.js

104.26.0.126

200 OK

547 kB

URL GET HTTP/2
increaserev.com/ads/ob/tage/aaw.sendcm.js
IP
104.26.0.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBC:B0:9D:21:A0:92:81:50:8F:B0:B4:E5:2D:4E:AA:4F:9D:14:E6:21
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type

Size
547 kB (546891 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads/ob/tage/aaw.sendcm.js HTTP/1.1
Host: increaserev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 15:40:10 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEoZUn2SI69HSJyGx6RB4I8UspmxallsJopkMKoLkDoAdhTpblUZKuF9TVBwlT6n6OmZMMrxbfijUPYr444qL%2FBtT%2BrUDrHSeTnsCBndAnk4USLfxXdB8kj7FkJihwsefw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25da3f66b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/h/b/scripts/pica.js

172.67.70.55

200 OK

5.8 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (5757), with no line terminators
Size
5.8 kB (5754 bytes)
Hash
7e397abb3158badd6668e9985f62ede6
27a42836f6afe5be77a9fba629861d08d45d0757
e9f26e9a644831b4f0f93fc9b553d38ff48a22d4fe28e9ef74f172cad7fae2dc

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6; __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp; _lr_retry_request=true; _lr_env_src_ats=false; dom3ic8zudi28v8lr6fgphwffqoz0j6c=873ea80c-616a-478b-a7f9-a88ae8a1df49%3A3%3A1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJTcAVpT1GMl0gxuBANmla51rOZiFzZIQtxmETH2L9ypg6VdFCIkzA6hUZZ4WOVChAM2LW1Vm0h17voQaO8EvQ6OhxrKE0Nd0wl3vX9jF5TMe1OJzGVQYPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e80e0cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cloudflare.com/cdn-cgi/trace

104.16.133.229

200 OK

260 B

URL GET HTTP/2
cloudflare.com/cdn-cgi/trace
IP
104.16.133.229:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectcloudflare.com
FingerprintE4:16:7D:83:53:22:5B:0A:33:45:12:04:A9:A5:19:F3:02:9E:5B:60
ValidityFri, 07 Apr 2023 00:00:00 GMT - Thu, 06 Jul 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
260 B (260 bytes)
Hash
7388b9e224ae18990b964ab79ff6d79b
11921c1a46b371069667c00dc68bfa9d75fffb33
a0e020301fada0565fbae861094646296842f01822fb219231be224056046f92

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7cde25dc19df0b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

send.cm/js/share.js

172.67.70.55

200 OK

329 B

URL GET HTTP/3
send.cm/js/share.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (332), with no line terminators
Size
329 B (329 bytes)
Hash
1d2236286294d62230ccc88e96b5297b
de15f3e22b3e2719f872e47a63b5702c48835a3f
c482daeb5dbeb1b8b60adbd8a47e025cbfe19ea0a0f798d8f77b862781694dbc

HTTP Headers

GET /js/share.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=354
etag: W/"162-5ae64b15a48c0-gzip"
expires: Sat, 27 May 2023 12:01:21 GMT
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kw40AFDFMkUklfzv1sbNCfs7jRZFa8Xuq6yTqB02%2Bgg9MolJiCXl1TQt32sLub6aGD7KVGA%2BeN%2FopBVq62kO1PbTdv8kQlq7MljVc42%2FHLh3L3Kb2hr7NPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25deffe2b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js

62.122.171.6

200 OK

85 kB

URL GET HTTP/2
godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with very long lines (64959)
Size
85 kB (84972 bytes)
Hash
0812a8bf5c1c1e239ff337a622c7a89b
50eebe8ff4820f3553c38ef1f63dcf94bb8e9bfb
8f3aea3e305a912052f8c54fce21ca754f095ded9d35a9c1684b846376dc5e65

HTTP Headers

GET /aas/r45d/vki/1951167/a6cdd247.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 08:36:45 GMT
vary: Accept-Encoding
etag: W/"645ca91d-14c36"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

ib.adnxs.com/openrtb2/prebid

185.89.210.212

204 No Content

0 B

URL POST HTTP/1.1
ib.adnxs.com/openrtb2/prebid
IP
185.89.210.212:443
ASN
#29990 ASN-APPNEX

Requested by
https://send.cm/d/LHUG
Certificate
IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /openrtb2/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2852
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.21.3
Date: Sat, 27 May 2023 12:09:15 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://send.cm
AN-X-Request-Uuid: f2230a4e-9a24-49fc-ac95-bbf02e9e835c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

dismantlepenantiterrorist.com/pxf.gif?uuid=873ea80c-616a-478b-a7f9-a88ae8a1df49&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=12

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=873ea80c-616a-478b-a7f9-a88ae8a1df49&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=12
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/LHUG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=873ea80c-616a-478b-a7f9-a88ae8a1df49&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

send.cm/lib/feather-icons/feather.min.js

172.67.70.55

200 OK

66 kB

URL GET HTTP/3
send.cm/lib/feather-icons/feather.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type

Size
66 kB (65962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lib/feather-icons/feather.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"101aa-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:18:47 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uR%2BRHAQpTloebP5oBC1JC7aNO5O%2FFvsv4raDFBgCM6vvs0tqRpcvgWV6C4%2B%2FI6LFAnN803nCCxqP80hsA10%2BiF%2Bl8hQNtjUTAPxISCd%2FPCo0LkIoKTdp7fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e8adb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

id.a-mx.com/set?uid=e5e96f32-e44a-415b-8be7-7191d27078bf&gdpr=0&gdpr_consent=&us_privacy=null

104.21.41.253

200 OK

99 B

URL GET HTTP/3
id.a-mx.com/set?uid=e5e96f32-e44a-415b-8be7-7191d27078bf&gdpr=0&gdpr_consent=&us_privacy=null
IP
104.21.41.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjecta-mx.com
Fingerprint93:1B:3E:6F:0C:42:D4:9E:E2:06:0B:31:BD:11:83:9D:CF:0D:0C:67
ValidityMon, 01 May 2023 03:57:58 GMT - Sun, 30 Jul 2023 03:57:57 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
99 B (99 bytes)
Hash
94574a3a6d7e7926c5c228bc948d79bd
1ff6b83a03c715e59d178519db901c4c7628a0a8
45122b7feaec172a91f6ff6ced3894754c6f47aef3e71a60981adfe8946cbcec

HTTP Headers

GET /set?uid=e5e96f32-e44a-415b-8be7-7191d27078bf&gdpr=0&gdpr_consent=&us_privacy=null HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/json
access-control-allow-origin: null
set-cookie: amuid2=e5e96f32-e44a-415b-8be7-7191d27078bf; Domain=a-mx.com; Path=/; Expires=Sun, 26 May 2024 12:09:16 GMT; Secure; SameSite=None
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA6%2FKWk1Zn%2FZoY9orM01CR2R2e8og4E9P2piVA02K9nYa5rOLQt2kHLInzlDclyvKKptUzN3PGObYUf7eMyYV%2Fb6c9OeZqabke1pKvqYn%2FMSM%2BZtZQrsZa3EdlTn%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e808e3b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?dsh=S-536698550%3A1685189357304598&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneF-jL3MZaYn2MO49CCorFHOinrMaKSRaM3H7PvZ1-wiC6uQajgUYs-R1IiXAYAdXm2F7ymRsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-536698550%3A1685189357304598&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneF-jL3MZaYn2MO49CCorFHOinrMaKSRaM3H7PvZ1-wiC6uQajgUYs-R1IiXAYAdXm2F7ymRsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?dsh=S-536698550%3A1685189357304598&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneF-jL3MZaYn2MO49CCorFHOinrMaKSRaM3H7PvZ1-wiC6uQajgUYs-R1IiXAYAdXm2F7ymRsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-wUIhqKJvlqzg8bNJmGJMLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid

104.22.5.69

200 OK

141 B

URL GET HTTP/2
id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
IP
104.22.5.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB5:9E:06:D8:8A:F4:6D:CC:E3:9D:4E:09:8B:28:E7:06:4F:08:42:44
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
141 B (141 bytes)
Hash
afd540bc532b5529e7ed041933991216
7e09d96e32d85de42a61d1880f91c9a4e3ae7e39
c7c9d2095142fa196181f2035aa45d3ece18f1c2f6ac870cd31d8be234e144db

HTTP Headers

GET /api/v1/pbhid?partner_id=405&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/json
access-control-allow-origin: *
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e65dddb4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

send.cm/static/css/auth.min.css

172.67.70.55

200 OK

789 B

URL GET HTTP/3
send.cm/static/css/auth.min.css
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (789), with no line terminators
Size
789 B (789 bytes)
Hash
f095cdbc5703353ae870aa6fd1504bb8
395b5898fde4cb72dc30e7752bde4e68317fb299
d7091a28d7048b34315acc78d543eb1181751aec851df73f83da7d3b07081116

HTTP Headers

GET /static/css/auth.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Mar 2021 17:04:40 GMT
etag: W/"315-5be372d95fefb-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:02:01 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BBqOzgnxhqySa9aTQK44rJWgg7ioEfRCbjsnjpjs%2Bye6ITNdA092HjprdN%2BQvuyCvXpk5IzEYN0lmM4r6to%2BTLyZoADhkTF7jUM0UjWxJaLvSOfuLl9Mgw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e89cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/favicon.ico

172.67.70.55

200 OK

65 kB

URL GET HTTP/3
send.cm/favicon.ico
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 64x64, 32 bits/pixel\012- data
Size
65 kB (64686 bytes)
Hash
22dab3b36a487940c539e179b7edd7ea
ad1d193daab9eb56c4d27b10e0f0638307c262cc
b64c225956915ee8b619ea190276ebe838880d3a16793a5614487e8be5b5d3bf

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
etag: W/"fcae-5ae64b15a48c0"
expires: Sat, 27 May 2023 12:03:39 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q5T%2FJnD7I5wKWU%2FFTa2YEO789Ui5Oli7fDwVmv6ZzNpRqu2YYqK0XlJpE%2FgUaMGAkEfxX9pxMT21BkuGnBNXC0ymJOrfybADSsIP1CDpf0IGO4Ca%2Bo%2F1eI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25df4850b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?dsh=S-1509873484%3A1685189356092106&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE0aqLsfNif9mWN04jWqiFwf_B80KE5PZfFE_Jfues2HOqph6jbfKL4zgze-BJVtskq7u0D&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-1509873484%3A1685189356092106&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE0aqLsfNif9mWN04jWqiFwf_B80KE5PZfFE_Jfues2HOqph6jbfKL4zgze-BJVtskq7u0D&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?dsh=S-1509873484%3A1685189356092106&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneE0aqLsfNif9mWN04jWqiFwf_B80KE5PZfFE_Jfues2HOqph6jbfKL4zgze-BJVtskq7u0D&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:16 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-I9Ty_Pk5ti93GnY84wyFOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

send.cm/static/css/dl.min.css

172.67.70.55

200 OK

179 kB

URL GET HTTP/3
send.cm/static/css/dl.min.css
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
179 kB (179028 bytes)
Hash
5b58461e5f18bf7cd778f13248d95d3f
3ce9cef55a1292bf12d39edffeb3b29721d4a399
6c94223dbccba502090c8df6145de92a1393195c1e0d21cf518d84c436059121

HTTP Headers

GET /static/css/dl.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jun 2022 15:22:22 GMT
etag: W/"2bb54-5e17e167b80b4-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:08:13 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2TKDGg%2FrbkINVRggE%2F2U6tlDP%2BvR1PwocDQxYOS3jemXOu8Y750iKLuShlyPDKcZhKSrVuhwQE%2FS9cWKHFDlzgbChVu9O4xHE9oEIEapnZ7ZVYB2DakrH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e89bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A
ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
set-cookie: __Host-GAPS=1:bnEhyXkS1bfemJUfikalmOveJ3XViQ:I19bGfvxihqU-mxR; Expires=Mon, 26-May-2025 12:09:15 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:15 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHfDprjj6aIN-d-ISsMSBJDAS4cJFaied4qAeHUx-cjUcpz2P0sWQeSYsthCTL9cdlKiz-vtw
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-JLnHV-yckHm51GFD7S0hAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gforanythingamgl.info/popunder.gif

104.21.93.237

200 OK

35 B

URL GET HTTP/3
gforanythingamgl.info/popunder.gif
IP
104.21.93.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subjectgforanythingamgl.info
Fingerprint5E:50:F4:C2:4F:D9:85:4E:40:F6:9A:2E:AC:04:DE:C2:79:BB:A8:74
ValidityFri, 05 May 2023 13:46:21 GMT - Thu, 03 Aug 2023 13:46:20 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: gforanythingamgl.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 475494
last-modified: Mon, 22 May 2023 00:04:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8paCudpm79p0G4%2BAF%2FUbCO7OqXN1LZ28BHx3KQuERdvvDMN2C6QexBmifBLZPmd5yGY4pFa2B9X3uq%2BExZ4cnAMkbI2cBuwCCB4je2iDiOsr6a%2BIYnHsMAWeM%2B1wL%2FkjCeF8Gm%2FVBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25e63c5ffac0-OSL
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

104.21.0.182

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
104.21.0.182:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2991
last-modified: Sat, 27 May 2023 11:19:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do3ItW0O0h%2FtnX6PsCNF76yfPebnutpxKXYBmGsDPR9YD%2BaP%2B3OY5n0Yr%2Ff9uodLMJM0M25U%2FjFryL%2BkZiJHmXw0eaSbKj90UHzko9QSdA86E0bhnB%2FTfY0dP8e4ijr0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25dfc8410b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-905270983%3A1685189357295043&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFXqkryp2HVAWZKAI8bATmxWBQ7iMTOYUjm3jBbOYxb35-FRIWRVjcwwhqIPowaR99lYaG_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-905270983%3A1685189357295043&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFXqkryp2HVAWZKAI8bATmxWBQ7iMTOYUjm3jBbOYxb35-FRIWRVjcwwhqIPowaR99lYaG_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?dsh=S-905270983%3A1685189357295043&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFXqkryp2HVAWZKAI8bATmxWBQ7iMTOYUjm3jBbOYxb35-FRIWRVjcwwhqIPowaR99lYaG_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-mBMqSdM4Itl2tpW9wNfVzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

send.cm/cdn-cgi/challenge-platform/h/b/scripts/pica.js

172.67.70.55

200 OK

5.8 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/b/scripts/pica.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (5754), with no line terminators
Size
5.8 kB (5751 bytes)
Hash
5dfe87a918cc2537b52368b1029926b1
fb9c18ca950bdc5dacd5915f8183b570defec39b
69dc7cb2a4f44e32f649802c53be323a0354bb79452d577539f6b36cc860358b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/pica.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgD9OVJDhIsrYubXqXUDx3zxZH%2FhjJjfQk34O2LwMs2OHatiboCMubjug3M4YO6ZuTbmCFuzTZdkgVQ4Wfz4HV1KXVh7o0CkjmMUAyNjGhSIdWOw4%2FlNH%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e08ac5b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

simplewebanalysis.com/stats

52.28.214.225

200 OK

40 B

URL GET HTTP/2
simplewebanalysis.com/stats
IP
52.28.214.225:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/LHUG
Certificate
IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
bb0f8a1a4185b6c2edabeb1cee3954ee
f2dfb6ab93b43a4c85dd156e78d8264b5f296581
7fa9a4220649c660fc7cac12137d777ddcc8255436bd80ccf22cd1fc5d245b90

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=873ea80c-616a-478b-a7f9-a88ae8a1df49:3:1; expires=Tue, 24 May 2033 12:09:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js

172.67.70.55

200 OK

18 kB

URL GET HTTP/3
send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (18216)
Size
18 kB (18291 bytes)
Hash
4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

HTTP Headers

GET /lib/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"4773-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:13:17 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybH405Bbm2S9qkai2sspnL3qM8PTW6rkdmiUvSQ990Gjy8Gm50t8rRTZJXkDutVWB2gss7IsacSibSeAgkeyhwwjViRqbmyrHgs1rNuIpHIQfMG6zcM1cvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e8afb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/LHUG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

accounts.google.com/v3/signin/identifier?dsh=S-788054214%3A1685189356075418&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG6b5AVnkRdDJkbyYTwj2rGJJP4Pq6T77g95cwTvuQFrYhM848FJO9JI157PLnntx6LKkVx&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-788054214%3A1685189356075418&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG6b5AVnkRdDJkbyYTwj2rGJJP4Pq6T77g95cwTvuQFrYhM848FJO9JI157PLnntx6LKkVx&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?dsh=S-788054214%3A1685189356075418&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG6b5AVnkRdDJkbyYTwj2rGJJP4Pq6T77g95cwTvuQFrYhM848FJO9JI157PLnntx6LKkVx&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:16 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-I3M8FIgR-JP3R1ZN1jMmyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

chalaips.com/5/4277204/?oo=1&aab=1

139.45.197.242

200 OK

2.8 kB

URL GET HTTP/2
chalaips.com/5/4277204/?oo=1&aab=1
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjectchalaips.com
Fingerprint28:94:6E:5D:AE:BB:B3:9F:3B:95:34:54:7C:9C:4E:C9:58:2F:F3:00
ValidityTue, 21 Mar 2023 11:43:54 GMT - Mon, 19 Jun 2023 11:43:53 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2990), with no line terminators
Size
2.8 kB (2750 bytes)
Hash
2f0d69e61574053ac5902e075b0399e2
1f34241471a79d5f0d74a22d10d3bed3fe3da8ae
2b9cff486e084acaff5b60a576e1af1ef794daa3d77e0a3117b607380f019642

HTTP Headers

GET /5/4277204/?oo=1&aab=1 HTTP/1.1
Host: chalaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/json
x-trace-id: f219152f8a6a41e8ab74171c301202f8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4545a7d8854644faa878bb79f947f731; expires=Sun, 26 May 2024 12:09:16 GMT; path=/; secure; SameSite=None
oaidts=1685189356; expires=Sun, 26 May 2024 12:09:16 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

send.cm/static/js/lwcnCookieNotice.js

172.67.70.55

200 OK

53 kB

URL GET HTTP/3
send.cm/static/js/lwcnCookieNotice.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
HTML document, ASCII text, with very long lines (53401), with no line terminators
Size
53 kB (53401 bytes)
Hash
80ac9c6d6785b91485916869cade2107
181b8192bfad99ae60bfd12d7912301d526e5a25
dca3e0c9cbb4489fc71e12ab3020c2ee13e53c647eb50ce597813969732b570a

HTTP Headers

GET /static/js/lwcnCookieNotice.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:15 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
etag: W/"d099-5d5ec913f5674-gzip"
expires: Sat, 27 May 2023 12:03:40 GMT
last-modified: Wed, 19 Jan 2022 10:08:29 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNJYff%2FBf13N9K5KpiILKeIwbdmQs7osl2vx7hY3O5mvdfe6PCIUt6ZmPxFdD%2BMO6cwpPnwyW2kEQNF9OuwmF3JWNxa9aPeedfIcUCI6ayHL%2BOY9BMdnd0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25deffe3b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/js/jquery.min.js

172.67.70.55

200 OK

93 kB

URL GET HTTP/3
send.cm/static/js/jquery.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (32072)
Size
93 kB (93064 bytes)
Hash
bdce12c949e78d570c8d44e9c2b23508
9afdc4fec954646bd6270caf82f107fdef605bc5
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

HTTP Headers

GET /static/js/jquery.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Sep 2020 12:00:16 GMT
etag: W/"16b88-5b0362d29f400-gzip"
vary: Accept-Encoding
expires: Sat, 27 May 2023 12:09:44 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xAOaw15A8x9c5SjTgjBCN93NkHMoPuxmtLBVyE7p1IAMizC4rZhxU7dzhH0nlbhhdS7AgGJx6kuUo8PmUKm4CZLyWU7ikB7n3Mfv6isJ1alwmtrgN1YHdk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25d9e8a0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.hostip.info/get_json.php

172.67.129.45

200 OK

102 B

URL GET HTTP/2
api.hostip.info/get_json.php
IP
172.67.129.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjecthostip.info
FingerprintB2:23:7B:16:C8:AC:B7:DC:3A:6F:4B:8F:3D:F9:DB:B4:E3:FC:B6:84
ValidityTue, 16 May 2023 04:51:55 GMT - Mon, 14 Aug 2023 04:51:54 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
498534132300725e25df970e7ed16c98
c7952a865346582558a9301e461c3a3127b2594e
76fd08fc6780ba0c9001bb03ce8af924da37d2d60e5d021054ec1c41e95a60b0

HTTP Headers

GET /get_json.php HTTP/1.1
Host: api.hostip.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:16 GMT
content-type: application/json; charset=iso-8859-1
expires: Sun, 28 May 2023 12:09:16 GMT
last-modified: Sat, 27 May 2023 12:09:16 GMT
cache-control: public, max-age=86400
pragma: !invalid
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E%2FKliNZvJ48kM6J13%2FaBMXBrWvsJKrnvCP4P56GuEuc%2BEoFy7VzytuYmi99bFCqOODjBxPkhs0%2B55gV62WhscJSDF%2BYR7hlPbPzwHjm3mPfxXiC1rZw7LC6dJz2KLg4quE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e69d64b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512

172.67.70.55

200 OK

2 B

URL POST HTTP/3
send.cm/cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/cv/result/7cde25d74d20b512 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12353
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c6f6a9f10f28066c.1685189355.; _pk_ses.1.43ee=1; c_7hyj5tegwm4sd2=lpbgegsvzsz6; __cf_bm=XDM8D.duvVmHDQGbq8td7COCFSuZE84gTv6GhNZn6.Q-1685189355-0-ARot0JUpI71QIWeTzudRTLfc5Pe6RVHEjxa46cWvG2AHls3MHF4ybzdMmcCP98dftzce8TMN2SONmik2KG734X+F6HBDEJW9tuGrywyOFBnp; _lr_retry_request=true; _lr_env_src_ats=false; dom3ic8zudi28v8lr6fgphwffqoz0j6c=873ea80c-616a-478b-a7f9-a88ae8a1df49%3A3%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:17 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=8vL9fu6nnYAH390XsycvsWL._BY9Dzwt0zaRAuV45D0-1685189357-0-ASegLwFEphY1aEtj8t0+/99+2qbYrQDA52O5+WIwNeBuwoVr41ku+NlCq2UqjBPsuAASH5BOGVljTswq5k0hUczNZIXBCi8H1ju+6b9w/pE6; path=/; expires=Sat, 27-May-23 12:39:17 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wormISkuNhfg3XuVvMC2BaBwT%2FqAYMEGtRTr9SUA5BQ2H5bbkONA6aCwEANWFXVnocBQpBhj1PoSYT%2Bqz5GEo09Ghj1ljff%2F3B8vpEDao7sIYB4xdVQM1oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25e93f79b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.70.55

200 OK

12 kB

URL GET HTTP/3
send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.70.55:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT

File type
ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/LHUG
Cookie: c_7hyj5tegwm4sd1=lpbgegsvzsz6; aff=1731; lang=english; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZo9e3Fh2Xup6Wg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/javascript
last-modified: Thu, 25 May 2023 08:39:22 GMT
etag: W/"646f1eba-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJApWBJMh9fRr0W7RkmckQcapkwSqfarnoFDks3c14a1Xp2jxmJA5anm9WnU5zJUWlO%2F68V1ZYFZpJL2%2BAC8o6mYiuu7AmgPaQuHIblla2aCGKVBBCyG2OE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cde25d9e8b0b4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 29 May 2023 12:09:14 GMT
cache-control: max-age=172800, public
content-encoding: gzip

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

104.16.89.20

200 OK

1.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP
104.16.89.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/LHUG
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1738), with no line terminators
Size
1.6 kB (1600 bytes)
Hash
04418021eead996ecace53ccb711fd8b
a48ea4831e2e798184457b15fd9479daf6bb9127
b5801c2beb347008edeb99c9b6e5a15c1d1348c2ff184aac14aed0c2dae5b069

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 12:09:14 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.0.1706
x-jsd-version-type: version
etag: W/"640-J/bDiMmADhbOR0K46f1BfsfxsyQ"
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 28035
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLADMvVCIyUNXhn2JW%2BevOCilW6ohOkwDrmi5oGrE3w9%2BS1KmypKm2osDyw7mM22oOZ4bZeYgMF3iCJLfTcVVNi6Z9oHyRyKdTVCue%2BK70DakYejgXM0w5LJJK0%2BblWFThY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cde25dc8a890b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=873ea80c-616a-478b-a7f9-a88ae8a1df49&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=12
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/LHUG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=873ea80c-616a-478b-a7f9-a88ae8a1df49&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

0 B

URL GET HTTP/3
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://send.cm/d/LHUG
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
set-cookie: __Host-GAPS=1:iRUCML0Oo99BWZHdnUJKxTrS-tF4Zw:ZLzNx2ivUMD01ix_; Expires=Mon, 26-May-2025 12:09:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 12:09:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneG23YqYho1w640wPMcuHMYR42Chaqg96GpOr4G03pMmPCVNeSe4kyxQPH6QPTnLOeXVPNfb
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-oFTflo9nN7_KFBOr5fWm_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

chalaips.com/?rb=iKx9QjpXFJl7UbfLdREiAcsUN_b5bD0zHxv2ZQb4ln077bOsZuWNovKSeXZxypQWntoHl_aFd2zrFBUG4wFLB6l0No3OqSZq_15v4Z8ciGfCoG4JeQYJR0slqocG-2VIWdKBoAKHlJfPIGqPfdKK5iTDOaCJC4jixLux-XzkmYTNMNeop3NRzcP8F7NOCl9xpoH-Y-FM7JnBndeSLJEnaQ%3D%3D&request_ab2=0&zoneid=4277204&js_build=iclick-v1.547.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.547.0&bs=13f4ccdb-fa55-449a-ae6c-ff3de7dd6937&userId=4545a7d8854644faa878bb79f947f731&m=link

139.45.197.242

200 OK

1.7 kB

URL GET HTTP/2
chalaips.com/?rb=iKx9QjpXFJl7UbfLdREiAcsUN_b5bD0zHxv2ZQb4ln077bOsZuWNovKSeXZxypQWntoHl_aFd2zrFBUG4wFLB6l0No3OqSZq_15v4Z8ciGfCoG4JeQYJR0slqocG-2VIWdKBoAKHlJfPIGqPfdKK5iTDOaCJC4jixLux-XzkmYTNMNeop3NRzcP8F7NOCl9xpoH-Y-FM7JnBndeSLJEnaQ%3D%3D&request_ab2=0&zoneid=4277204&js_build=iclick-v1.547.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.547.0&bs=13f4ccdb-fa55-449a-ae6c-ff3de7dd6937&userId=4545a7d8854644faa878bb79f947f731&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://send.cm/d/LHUG
Certificate
IssuerLet's Encrypt
Subjectchalaips.com
Fingerprint28:94:6E:5D:AE:BB:B3:9F:3B:95:34:54:7C:9C:4E:C9:58:2F:F3:00
ValidityTue, 21 Mar 2023 11:43:54 GMT - Mon, 19 Jun 2023 11:43:53 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1742), with no line terminators
Size
1.7 kB (1722 bytes)
Hash
e75d29e848cdfe6920a355815d5366e1
7f814c9ff428a9ddaf55bc3414d80a215180bcd8
5639f0497069822d6214558584f6eb8b7821a5d3902ea640f8b88cde9dcf7ca7

HTTP Headers

GET /?rb=iKx9QjpXFJl7UbfLdREiAcsUN_b5bD0zHxv2ZQb4ln077bOsZuWNovKSeXZxypQWntoHl_aFd2zrFBUG4wFLB6l0No3OqSZq_15v4Z8ciGfCoG4JeQYJR0slqocG-2VIWdKBoAKHlJfPIGqPfdKK5iTDOaCJC4jixLux-XzkmYTNMNeop3NRzcP8F7NOCl9xpoH-Y-FM7JnBndeSLJEnaQ%3D%3D&request_ab2=0&zoneid=4277204&js_build=iclick-v1.547.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fsend.cm%2Fd%2FLHUG&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.547.0&bs=13f4ccdb-fa55-449a-ae6c-ff3de7dd6937&userId=4545a7d8854644faa878bb79f947f731&m=link HTTP/1.1
Host: chalaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Cookie: OAID=4545a7d8854644faa878bb79f947f731; oaidts=1685189356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:17 GMT
content-type: application/json
x-trace-id: d9398cd04121af94da8a74d7945d0b71
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4545a7d8854644faa878bb79f947f731; expires=Sun, 26 May 2024 12:09:17 GMT; path=/; secure; SameSite=None
oaidts=1685189357; expires=Sun, 26 May 2024 12:09:17 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 03 Jun 2023 12:09:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl0m5gc4k53p6ozmm9wdi5&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=8836164847534176

62.122.171.6

200 OK

3.7 kB

URL GET HTTP/2
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl0m5gc4k53p6ozmm9wdi5&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=8836164847534176
IP
62.122.171.6:443
ASN
#50245 Serverel Inc.

Requested by
https://send.cm/d/LHUG
Certificate
IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT

File type
ASCII text, with very long lines (4062), with no line terminators
Size
3.7 kB (3732 bytes)
Hash
77224e9a46b058059ab728a81efcbf14
e5339c51858e9c6b456d5c7d8dcdaf718d0b1f65
764bf87fddfa10ed741530707453b2c7e421370c397f065396ec5f476bab7eae

HTTP Headers

GET /get/1951167?zoneid=1951167&jp=_cl0m5gc4k53p6ozmm9wdi5&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=8836164847534176 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=230527070950542e6d31944d4bbd4e4f739e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:09:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash