send.cm/qr/1035V
104.26.1.171200 OK 339 B IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type PNG image data, 135 x 135, 1-bit grayscale, non-interlaced\012- data
Hash d8d1b1a5773662d4691dd9d08287329e
33bb9a6fdc4526e93c077e7042ab9b914098e232
4f4e30fc8298d464bb71edf6f943adcf1bba69380531ec514d8fa6394b32d1e2
GET /qr/1035V HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: image/png
content-length: 339
content-transfer-encoding: binary
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noauQHgUoaPmnQLFpbZhX2iTPSM2nPG5HsHlxzOFbw%2F%2BUco5ZDOYbd3tiMyhWMU28Ug4OinWMZtsd3k%2Fgb1n5LgreeM2orj2ajfkmhoZ3Lafm%2FImZRfFrFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9fa88568a-OSL
alt-svc: h3=":443"; ma=86400
d2dkurdav21mkk.cloudfront.net/?rukdd=984022
54.230.241.157200 OK 55 kB URL GET HTTP/2 d2dkurdav21mkk.cloudfront.net/?rukdd=984022
IP 54.230.241.157:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash acafddb53d9b57ceb1f2a106fb6a3c0d
4c59dc0b1206b5470656352b91513b7c6f99b5a6
d1193baa10e5e479467b6015af9f75902f9d81b29c35356b32a15a8c968e8472
GET /?rukdd=984022 HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 54826
date: Sat, 02 Dec 2023 23:13:53 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YEm8VkPWFkgbMEIXFffd5MYX9JaA1220CRqy4zDEZdS-3W8leipkIg==
age: 64943
X-Firefox-Spdy: h2
send.cm/static/css/dl.min.css
104.26.1.171200 OK 110 kB URL GET HTTP/3 send.cm/static/css/dl.min.css
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109922 bytes)
Hash 3e85e3b581d51ddba21136119002fc2d
038a7216f7187936b4f4e5bee0975bf44e3e1449
dde25a807ebc087b35d1bbe9b3030ea528a52e414ce29a7894abd937bf67e7c6
GET /static/css/dl.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2023 13:24:21 GMT
etag: W/"2bee9-604c4c72211a7-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 16:59:44 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFVERM6JYvYOodgjeCtokJEy5nYjDfRSHhQbY0DZ6H0yewtYHEBPsU%2BTx0p5sfruDbdO3BzL61lyh7Q7k2z%2BWtELCs8%2F0bcL%2B0KLVRNa4nrX3f3yBwtes0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9ea79568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/assets/js/dashforge.js
104.26.1.171200 OK 78 kB URL GET HTTP/3 send.cm/assets/js/dashforge.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (366)
Hash 6ede26a7d7238a4ed67bcbdb67b30bb6
581c80a8cfec9844478e3b99b7774221c78d2be9
ccc7d942a1cfa3c238044a4885889799d7b215b5b29b2c48f5db28bececc2040
GET /assets/js/dashforge.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=3370
etag: W/"d2a-5d2f044f765a3-gzip"
expires: Sun, 03 Dec 2023 17:12:34 GMT
last-modified: Sun, 12 Dec 2021 10:17:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9O1Wniu27r3C9V7xwxzUun%2FNcGxRenIUfdrLBWXfC3Ce0cLg5ZTkUDfitvaa66n0C%2F2yBdvjE2%2BAaEYwMr3YLYxOKk0m4MAASpxRcLv5%2F32Hrx167E4R14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9fa91568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
104.26.1.171200 OK 87 kB URL GET HTTP/3 send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (18216)
Hash 4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634
GET /lib/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"4773-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 16:58:55 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBS2HSP1rzetMXMmlmvTSd%2FfiCRLy86ZkYO9VT5QgqmahOOtEI6p6sj3zkpZRL8XS0n9tp1cirN4M1ZETJBRESWMHnNu6ZEylotLtQGjrTww%2Bs%2BB%2F7X3EBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9fa92568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fvcwqkkqmuv.com/solid.gif?z=1951167&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
212.117.190.201200 OK 43 B URL POST HTTP/2 fvcwqkkqmuv.com/solid.gif?z=1951167&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
IP 212.117.190.201:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerBuypass AS-983163327
Subject
FingerprintF4:CF:5F:33:5D:62:A5:49:C0:ED:F4:A2:07:7B:6A:FC:5A:C8:EE:2D
ValiditySat, 28 Oct 2023 11:35:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1951167&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1 HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
UID=2312031216593f35276d7246c092f524f81f; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ldrenandthe.org/ckJWOWJdfTVKXz8sOkswHAcVbTRDcwV4Fj4aZWsqMSlnbQEnG3BNCxZ/bwFWQnBkHxIbJmsIRAE2N00XAX9nHwscJDkERAR/ZxdRRmxlDUxCZCMEU1Q2JlgFT3NwSRYGLmsIVUJzYAtRRXpnAFJC
104.21.20.207204 No Content 0 B URL GET HTTP/2 ldrenandthe.org/ckJWOWJdfTVKXz8sOkswHAcVbTRDcwV4Fj4aZWsqMSlnbQEnG3BNCxZ/bwFWQnBkHxIbJmsIRAE2N00XAX9nHwscJDkERAR/ZxdRRmxlDUxCZCMEU1Q2JlgFT3NwSRYGLmsIVUJzYAtRRXpnAFJC
IP 104.21.20.207:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ckJWOWJdfTVKXz8sOkswHAcVbTRDcwV4Fj4aZWsqMSlnbQEnG3BNCxZ/bwFWQnBkHxIbJmsIRAE2N00XAX9nHwscJDkERAR/ZxdRRmxlDUxCZCMEU1Q2JlgFT3NwSRYGLmsIVUJzYAtRRXpnAFJC HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 03 Dec 2023 17:16:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMj9CtD4RyzY97cxH2Ra7L1RKTPnxQZqZ11giYA%2Bhq87KeXKLW4TVBqrS3kIYX8vRRTFTsfuFqlty90kKNny2T8IgXVkmD7Tq6M3Q282Y84wWnlzmxYSX3OD68u9f%2FV4yb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dbfe4b56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
104.26.1.171200 OK 74 kB URL GET HTTP/3 send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Hash 418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
GET /lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: font/woff2
content-length: 74256
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: "12210-5ae64b14b0680"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-control: max-age=259200
cf-cache-status: HIT
age: 3268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oyyClyzNt0etJnUg1EzaAdKNJyQF6ocyt78hgvgzEHXUplsWXmJpDpXYfvWbXvP8cJ%2FWf9O%2B3z%2FvL%2Fidc6SSh6%2Br20l7%2BAvkVaYkBOaqlMiPlIn6LFuiRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74dd0f1a568a-OSL
alt-svc: h3=":443"; ma=86400
lingrethertantin.com/Q0NFV0YiISY6eSJ+J3EzMS94cnQFZncRInEnLiI0JyIzZXcuKC55JS8sMDMgMSwrI2gtJjFydAUaJmcxdiIoGhcKciYaHgIgKQ8QJyIWZCEJFAMREAkoKhECEg09BCp2FgMwCAEGBxYOBBIDNAlyFnEGMXYmFGU2FQAyZxMgEX0HAhEBPRQDNAADLnIGGy4CDhMFHBUeJBYqBBcCEA0tKhYLFBUQDBUtDwIrNHcCBxoTADotDw8DDSIlAT0OE3IwcgIHEgsNEzIIF3QRAgoodAcTFg18FBMRFxM5f3QXdBECDHIEEhAWJzUULysEFA8+ARsDMxElcGgjFhYWCHJ0ARd1bhcOLXUdHnNyAQ0UOxoQLxczFCISCxUtcHJ0BRQDGQUlAik1E3MJNRR3LAUCPXMgBwQgCiISNiQTKA1wEXczBQc5AwplLyQpLTN4JHJ0JgovPDA3EG9wGw
52.85.242.99200 OK 1.2 kB URL GET HTTP/2 lingrethertantin.com/Q0NFV0YiISY6eSJ+J3EzMS94cnQFZncRInEnLiI0JyIzZXcuKC55JS8sMDMgMSwrI2gtJjFydAUaJmcxdiIoGhcKciYaHgIgKQ8QJyIWZCEJFAMREAkoKhECEg09BCp2FgMwCAEGBxYOBBIDNAlyFnEGMXYmFGU2FQAyZxMgEX0HAhEBPRQDNAADLnIGGy4CDhMFHBUeJBYqBBcCEA0tKhYLFBUQDBUtDwIrNHcCBxoTADotDw8DDSIlAT0OE3IwcgIHEgsNEzIIF3QRAgoodAcTFg18FBMRFxM5f3QXdBECDHIEEhAWJzUULysEFA8+ARsDMxElcGgjFhYWCHJ0ARd1bhcOLXUdHnNyAQ0UOxoQLxczFCISCxUtcHJ0BRQDGQUlAik1E3MJNRR3LAUCPXMgBwQgCiISNiQTKA1wEXczBQc5AwplLyQpLTN4JHJ0JgovPDA3EG9wGw
IP 52.85.242.99:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash 45684981885ea124e24725210423c209
ea18e0e96a191868dcd572a2363a360e9d203ca4
9a5261daf0aa19ec1ece1c8e0199fd5473c2d104fb86a813ecdcd28499bfe610
GET /Q0NFV0YiISY6eSJ+J3EzMS94cnQFZncRInEnLiI0JyIzZXcuKC55JS8sMDMgMSwrI2gtJjFydAUaJmcxdiIoGhcKciYaHgIgKQ8QJyIWZCEJFAMREAkoKhECEg09BCp2FgMwCAEGBxYOBBIDNAlyFnEGMXYmFGU2FQAyZxMgEX0HAhEBPRQDNAADLnIGGy4CDhMFHBUeJBYqBBcCEA0tKhYLFBUQDBUtDwIrNHcCBxoTADotDw8DDSIlAT0OE3IwcgIHEgsNEzIIF3QRAgoodAcTFg18FBMRFxM5f3QXdBECDHIEEhAWJzUULysEFA8+ARsDMxElcGgjFhYWCHJ0ARd1bhcOLXUdHnNyAQ0UOxoQLxczFCISCxUtcHJ0BRQDGQUlAik1E3MJNRR3LAUCPXMgBwQgCiISNiQTKA1wEXczBQc5AwplLyQpLTN4JHJ0JgovPDA3EG9wGw HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1194
date: Sun, 03 Dec 2023 17:16:16 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: _d7v5MzUDTH6Vx9mHTNx7YgTWXrmYoQ7bOiflCaAnHbqaotB6Ej5jw==
X-Firefox-Spdy: h2
send.cm/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
104.26.1.171200 OK 3.4 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (7372), with no line terminators
Hash edc215a1643e4a025f8c49a096564f72
9ed48d462519595ba71f4d6fc08af77151f70c7d
a1f987ac313fd73c14076b1ce8bfc04df66ff09991b42e0676d857d6f7c7717e
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO%2Bn6mcibYqr61%2FUbn7bdbgPuEBCH8D8DVfpma%2BPA4hTQVuEZUbwunBt4FYUgiko1cjkmTbpLDWE4z6uqHtsjIFC%2BWQUjzuLBXdQQ%2BX001n60nZwXO3sGIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74ddcfec568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
104.26.1.171200 OK 23 kB URL GET HTTP/3 send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (65297)
Hash a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /lib/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"1332b-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 17:15:00 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGkSw53ZN%2FPx8TfEnvh%2BPRxC83rxvgrNFI8WECOCN%2F5kahN21zB6ZlRUri2GKCgSkX3zswwB94I%2B4zgXi1qxlyT%2FOdgBnBu6FF4a2VRAE5oqFtxVT3mXXN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dc7e52568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
walker.send.cm/s.php?action_name=send.cm%2Fg6rvxz31ok5p&idsite=1&rec=1&r=019806&h=17&m=16&s=22&url=https%3A%2F%2Fsend.cm%2Fg6rvxz31ok5p&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=PdUsP2&pf_net=23&pf_srv=191&pf_tfr=94&pf_dm1=454&uadata=%7B%7D
104.26.1.171204 No Content 0 B URL POST HTTP/3 walker.send.cm/s.php?action_name=send.cm%2Fg6rvxz31ok5p&idsite=1&rec=1&r=019806&h=17&m=16&s=22&url=https%3A%2F%2Fsend.cm%2Fg6rvxz31ok5p&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=PdUsP2&pf_net=23&pf_srv=191&pf_tfr=94&pf_dm1=454&uadata=%7B%7D
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s.php?action_name=send.cm%2Fg6rvxz31ok5p&idsite=1&rec=1&r=019806&h=17&m=16&s=22&url=https%3A%2F%2Fsend.cm%2Fg6rvxz31ok5p&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=PdUsP2&pf_net=23&pf_srv=191&pf_tfr=94&pf_dm1=454&uadata=%7B%7D HTTP/1.1
Host: walker.send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 17:16:16 GMT
x-powered-by: PHP/8.2.13
tk: N
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlYbmOrWf2VB6nbsAmGZn74gs4%2Foj59Pcp%2F%2FSYr5AxgmxasL5NQI4bik0NNBEwxwPkZ5bfYQx2oxfmWOTjSD%2BKebATEE3GTBlzipsbg4sd0gWdfVVGdIoJmU13RsYPgr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dd6f8b568a-OSL
alt-svc: h3=":443"; ma=86400
limurol.com/ssp/req/1951167/?pb=fccac8cea2a8987035d8c6d32cf3ef3b1701630976&psp=6vIcQLWAL9rl1PrVRHcrQKPzdaXD4GOmibp2eh0qFPpt_C_C5OM6N2AmucR7WXZZckMgSI60TMRhngi6ahi7NfZLNEN7TiLrx4ypBa1b8FEZGkl6JToTNQ6rgmyuuqmX6M2lCqupNeVzKT3OJlq8PdrbG4NKiEB7tUK2opU6-NjOnRRjYhTAMvjMOr8smlqLOeod5saYc2ztAkZ55cth1UphJt9o0c4e5g7yTTiYn8ZGeu1fsaqfAnuxe1amyacr2VjNEbRncV23LHKvNC9XZVWSAw-3_JSy-lZRWBVzOGTu_JQefoFpv_TqRT_mYkKh4AWcoGENbs906zMC2UjqIjPETwwKtLODUtWr9PWdoT7QNTvy8uQePGLH_R09FZxOLrQmp6OV7uYepJZB_wXC10rL2w6AamrgrWumARQTJI2izKhGqiOV1XT7Xy2htBa0gnG1bYQ01plaRhtdLoqRRTXMnVnkAiN9MvGeQd8PoE3wIksOPgAvOMdQ6yz4Bgjvbmhb8I3TpWVylq75RsQrF-iIGMkNqthnDDuUe554eVysXDrNqfdmo6t8Ng0zRNLBRYKDUreXH8M9o_7Lpw6AiFaz5mWumYPHlF2MAH53drDNM8SNz1nWQaeCwgCvGqP6_hAF95MEDSW1951X6rxJcRDbQUwOZ4ajohKGfR2eb2pBySnhe9jqiX6Ylhh950_dlNyIzW6vxHQKsPivKc2pj6uXWEhWAyEUEytRAyZc6AAu_XT5fBZjneBMeInlhxEpJHvGi7YiUVbit8IXhBlmtJtxGKL6itGfmy5Bw0LZRn8pj8RVPnm45vbFdiqrGDxKobvN9_UH4B5-URp-t9OFKn6QaGYZG9ziodPvr1lr79imURD8MOFGfKEorZLTB3k7Zy7bwHzpP-eMsu_s6M5wKygrk1mYDNWTP2fg2bPvUf9MS8iIcHFgg5hjMdwZ&im=1&cb=_cls6deont9dd6ynt79q7po&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
212.117.190.201200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1951167/?pb=fccac8cea2a8987035d8c6d32cf3ef3b1701630976&psp=6vIcQLWAL9rl1PrVRHcrQKPzdaXD4GOmibp2eh0qFPpt_C_C5OM6N2AmucR7WXZZckMgSI60TMRhngi6ahi7NfZLNEN7TiLrx4ypBa1b8FEZGkl6JToTNQ6rgmyuuqmX6M2lCqupNeVzKT3OJlq8PdrbG4NKiEB7tUK2opU6-NjOnRRjYhTAMvjMOr8smlqLOeod5saYc2ztAkZ55cth1UphJt9o0c4e5g7yTTiYn8ZGeu1fsaqfAnuxe1amyacr2VjNEbRncV23LHKvNC9XZVWSAw-3_JSy-lZRWBVzOGTu_JQefoFpv_TqRT_mYkKh4AWcoGENbs906zMC2UjqIjPETwwKtLODUtWr9PWdoT7QNTvy8uQePGLH_R09FZxOLrQmp6OV7uYepJZB_wXC10rL2w6AamrgrWumARQTJI2izKhGqiOV1XT7Xy2htBa0gnG1bYQ01plaRhtdLoqRRTXMnVnkAiN9MvGeQd8PoE3wIksOPgAvOMdQ6yz4Bgjvbmhb8I3TpWVylq75RsQrF-iIGMkNqthnDDuUe554eVysXDrNqfdmo6t8Ng0zRNLBRYKDUreXH8M9o_7Lpw6AiFaz5mWumYPHlF2MAH53drDNM8SNz1nWQaeCwgCvGqP6_hAF95MEDSW1951X6rxJcRDbQUwOZ4ajohKGfR2eb2pBySnhe9jqiX6Ylhh950_dlNyIzW6vxHQKsPivKc2pj6uXWEhWAyEUEytRAyZc6AAu_XT5fBZjneBMeInlhxEpJHvGi7YiUVbit8IXhBlmtJtxGKL6itGfmy5Bw0LZRn8pj8RVPnm45vbFdiqrGDxKobvN9_UH4B5-URp-t9OFKn6QaGYZG9ziodPvr1lr79imURD8MOFGfKEorZLTB3k7Zy7bwHzpP-eMsu_s6M5wKygrk1mYDNWTP2fg2bPvUf9MS8iIcHFgg5hjMdwZ&im=1&cb=_cls6deont9dd6ynt79q7po&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
IP 212.117.190.201:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerBuypass AS-983163327
Subject
FingerprintF5:B7:17:E8:F4:87:B4:48:99:C9:D2:6D:DA:4A:E3:52:D3:E9:8C:0E
ValiditySat, 28 Oct 2023 13:52:28 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=fccac8cea2a8987035d8c6d32cf3ef3b1701630976&psp=6vIcQLWAL9rl1PrVRHcrQKPzdaXD4GOmibp2eh0qFPpt_C_C5OM6N2AmucR7WXZZckMgSI60TMRhngi6ahi7NfZLNEN7TiLrx4ypBa1b8FEZGkl6JToTNQ6rgmyuuqmX6M2lCqupNeVzKT3OJlq8PdrbG4NKiEB7tUK2opU6-NjOnRRjYhTAMvjMOr8smlqLOeod5saYc2ztAkZ55cth1UphJt9o0c4e5g7yTTiYn8ZGeu1fsaqfAnuxe1amyacr2VjNEbRncV23LHKvNC9XZVWSAw-3_JSy-lZRWBVzOGTu_JQefoFpv_TqRT_mYkKh4AWcoGENbs906zMC2UjqIjPETwwKtLODUtWr9PWdoT7QNTvy8uQePGLH_R09FZxOLrQmp6OV7uYepJZB_wXC10rL2w6AamrgrWumARQTJI2izKhGqiOV1XT7Xy2htBa0gnG1bYQ01plaRhtdLoqRRTXMnVnkAiN9MvGeQd8PoE3wIksOPgAvOMdQ6yz4Bgjvbmhb8I3TpWVylq75RsQrF-iIGMkNqthnDDuUe554eVysXDrNqfdmo6t8Ng0zRNLBRYKDUreXH8M9o_7Lpw6AiFaz5mWumYPHlF2MAH53drDNM8SNz1nWQaeCwgCvGqP6_hAF95MEDSW1951X6rxJcRDbQUwOZ4ajohKGfR2eb2pBySnhe9jqiX6Ylhh950_dlNyIzW6vxHQKsPivKc2pj6uXWEhWAyEUEytRAyZc6AAu_XT5fBZjneBMeInlhxEpJHvGi7YiUVbit8IXhBlmtJtxGKL6itGfmy5Bw0LZRn8pj8RVPnm45vbFdiqrGDxKobvN9_UH4B5-URp-t9OFKn6QaGYZG9ziodPvr1lr79imURD8MOFGfKEorZLTB3k7Zy7bwHzpP-eMsu_s6M5wKygrk1mYDNWTP2fg2bPvUf9MS8iIcHFgg5hjMdwZ&im=1&cb=_cls6deont9dd6ynt79q7po&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: CHCK=1; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
UID=2312031216aa4b16f8712e499ca8d769996a; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
64.233.161.84302 Found 0 B URL GET HTTP/3 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:m5qE8tHExp75tQMvE25cw6r9G_KV2Q:YeGo_2Y0XmkL9eak; Expires=Tue, 02-Dec-2025 17:16:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp24htGSZXc1wG09Eo_NRvXoz8QiMu-tPsZ9cx0weF1XRd9BNuu2BHsLD16O9mm7LmoYMZ0h
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-_76z9u_5F6M-PsqqEUqssA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:JwKDgawjGIfLXfHW5T_zp7qGic5Aig:5RWepCnw0krPFvMf; Expires=Tue, 02-Dec-2025 17:16:17 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1b0bnW3-_I_gT9BhIqFegMBsfiWp9JK6Mo930w5xlcbCPlSNurCaKcye9KgEyz7-7IBAGO
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Q9U9Z584ZuqRTdMiUHoong' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lingrethertantin.com/utx?cb=x0XGVr6fbpG7&top=send.cm&tid=984022
52.85.242.99204 No Content 0 B URL GET HTTP/2 lingrethertantin.com/utx?cb=x0XGVr6fbpG7&top=send.cm&tid=984022
IP 52.85.242.99:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=x0XGVr6fbpG7&top=send.cm&tid=984022 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 03 Dec 2023 17:16:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 03 Dec 2023 17:17:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 79kyjqhWEMHeeI61FStVlhbQ1iI9qeieU22dCvxPKWk2RxAMLtt6mA==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp24htGSZXc1wG09Eo_NRvXoz8QiMu-tPsZ9cx0weF1XRd9BNuu2BHsLD16O9mm7LmoYMZ0h
64.233.161.84302 Found 404 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp24htGSZXc1wG09Eo_NRvXoz8QiMu-tPsZ9cx0weF1XRd9BNuu2BHsLD16O9mm7LmoYMZ0h
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Hash 7a31fd40240b00941f31c0317390c394
a5386a5d7638f0f7937b8b40de68098a463b4b8d
9fc7ec51117ac4bcd9acbddc3d1c698d732ce0e22f897f7c96431325de1e3cb8
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp24htGSZXc1wG09Eo_NRvXoz8QiMu-tPsZ9cx0weF1XRd9BNuu2BHsLD16O9mm7LmoYMZ0h HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:3etikMf3fYrl2mVkLi4nTlQV0Vnlcg:-bP73PiKQnCeP3bE;Path=/;Expires=Tue, 02-Dec-2025 17:16:17 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1uzahTifFkl_VEAYl21WpFvShf6XyHhJwUnC_8CGGnxPxAEol9Bm_Pjj89MFJ-juBYr8EPfQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1928921092%3A1701623777269481&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-0arma-sZupDzx2_OM4-zvA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1b0bnW3-_I_gT9BhIqFegMBsfiWp9JK6Mo930w5xlcbCPlSNurCaKcye9KgEyz7-7IBAGO
64.233.161.84302 Found 407 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1b0bnW3-_I_gT9BhIqFegMBsfiWp9JK6Mo930w5xlcbCPlSNurCaKcye9KgEyz7-7IBAGO
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (400)
Hash d3be5b6790abe2cd84c7ca3e05b4fec2
8e118ef699144210cc8299d9d45dc23f1cd8d5e1
21bfffba9c1fe7190518c33025c9217fb5cd570a5f35a62bd24c91991256551a
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1b0bnW3-_I_gT9BhIqFegMBsfiWp9JK6Mo930w5xlcbCPlSNurCaKcye9KgEyz7-7IBAGO HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:7IZ79iUe_0L6ay_Jc7mTUbFrkis52w:i8C4P56M14sMO_Yn;Path=/;Expires=Tue, 02-Dec-2025 17:16:17 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0k6JXr90IyAsn74i-7WeUZ5f5jodePyfBGA0IxhKz1gZhcoH55VFOeq7TUjij--aAUTUZsoQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1325168150%3A1701623777272075&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-0C-Y_dHxhX-pbNnGB6rjDw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d2dkurdav21mkk.cloudfront.net/Yc0w5amMQI1cMXAclXVdaS3gJWFFVJkoFDQNxSl5UFgNBEBAHGQFcO1U4Qw5eQ2pVCw0UcR8PDRBxCEwCFy4EXkUHPFYBXgUoSQASHzlUHQBVOVhXDhw2UAYPEmkLLFZdfBxYU1s7UAQHHDtKT1FDIk1PUUN9CURTVn97T1FDO1AEVUdpCihGQXxBXFdWf3-tPUUM+T09QMn0JX01DZRxYUxQpWgEMVn5/WFNCfAlbU0JpC1oFGj5cDAwLaQssUkN5F1pFBnEI
54.230.241.157 627 B URL d2dkurdav21mkk.cloudfront.net/Yc0w5amMQI1cMXAclXVdaS3gJWFFVJkoFDQNxSl5UFgNBEBAHGQFcO1U4Qw5eQ2pVCw0UcR8PDRBxCEwCFy4EXkUHPFYBXgUoSQASHzlUHQBVOVhXDhw2UAYPEmkLLFZdfBxYU1s7UAQHHDtKT1FDIk1PUUN9CURTVn97T1FDO1AEVUdpCihGQXxBXFdWf3-tPUUM+T09QMn0JX01DZRxYUxQpWgEMVn5/WFNCfAlbU0JpC1oFGj5cDAwLaQssUkN5F1pFBnEI
IP 54.230.241.157:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (885), with no line terminators
Hash f8b7699ae0f015ce1b43fa4b836097b5
821392788ac58279c958624906177d40320655d5
aa503a54c2c0e45242bd9d54d0f1141e279d173420d162f076635b3c03f59a61
GET /Yc0w5amMQI1cMXAclXVdaS3gJWFFVJkoFDQNxSl5UFgNBEBAHGQFcO1U4Qw5eQ2pVCw0UcR8PDRBxCEwCFy4EXkUHPFYBXgUoSQASHzlUHQBVOVhXDhw2UAYPEmkLLFZdfBxYU1s7UAQHHDtKT1FDIk1PUUN9CURTVn97T1FDO1AEVUdpCihGQXxBXFdWf3-tPUUM+T09QMn0JX01DZRxYUxQpWgEMVn5/WFNCfAlbU0JpC1oFGj5cDAwLaQssUkN5F1pFBnEI HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 627
date: Sun, 03 Dec 2023 17:16:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 09xyZ0lap-s_zeaqwCf6cVvIxm_f7tbMtO_hA0DeuVOfXL0hNYXaww==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0k6JXr90IyAsn74i-7WeUZ5f5jodePyfBGA0IxhKz1gZhcoH55VFOeq7TUjij--aAUTUZsoQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1325168150%3A1701623777272075&theme=glif
64.233.161.84403 Forbidden 804 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0k6JXr90IyAsn74i-7WeUZ5f5jodePyfBGA0IxhKz1gZhcoH55VFOeq7TUjij--aAUTUZsoQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1325168150%3A1701623777272075&theme=glif
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash aa57f61a8f7175256a5c9f1342a8cf08
be414840fb9fdbfdc9c4a28929234074db6b62b7
20bb16604cabe091eee34fbb4a79d1b37f10216255878edc68265a922496c6bf
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0k6JXr90IyAsn74i-7WeUZ5f5jodePyfBGA0IxhKz1gZhcoH55VFOeq7TUjij--aAUTUZsoQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1325168150%3A1701623777272075&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-FSQw6aR64lPXbIsHjpVtSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1uzahTifFkl_VEAYl21WpFvShf6XyHhJwUnC_8CGGnxPxAEol9Bm_Pjj89MFJ-juBYr8EPfQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1928921092%3A1701623777269481&theme=glif
64.233.161.84403 Forbidden 809 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1uzahTifFkl_VEAYl21WpFvShf6XyHhJwUnC_8CGGnxPxAEol9Bm_Pjj89MFJ-juBYr8EPfQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1928921092%3A1701623777269481&theme=glif
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash 81c57435ed525eeca05bf73f1edb9009
742907092ab68c2b6e7473f442cc7132a35dfa8a
d89a5df634282e0853f3eefebaa7226fc97fc55ee91428ae3fd42923ff6b1aa8
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1uzahTifFkl_VEAYl21WpFvShf6XyHhJwUnC_8CGGnxPxAEol9Bm_Pjj89MFJ-juBYr8EPfQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1928921092%3A1701623777269481&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:17 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MRfHlHF5WK5cIicXX9AzaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
104.26.1.171200 OK 77 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Hash 2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p; cf_clearance=b_bcFIjPwFwaJ2hsMgRQyC9ffEMFal9NUVqPuEIv4Qo-1701623777-0-1-730ca2d2.73a07051.5b213570-0.2.1701623777
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
vary: Accept-Encoding
etag: "5f6356a1-12e6c"
expires: Sat, 11 Nov 2023 16:43:34 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 743953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFr3tmXZeHpfAHDKqEeyBxxIAixXJ1vhDixLlCwR2Keu7ccMs%2BATDdPi5TuQqhAbVcPpcsnvkIR63uP8GEr8FWA7En6rF%2BXrQ6AzAlhPjF7fvIfKDF2jFpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e48968568a-OSL
alt-svc: h3=":443"; ma=86400
ldrenandthe.org/popunder.gif
104.21.20.207200 OK 1.2 kB URL GET HTTP/3 ldrenandthe.org/popunder.gif
IP 104.21.20.207:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash f3eeedaed090991c65ed3bb0d3018788
7c8668b3a78d3ef8ef29f791bc7f91be71f82f9c
67a20020e14a92ed380f241c408586f4613ec330c3e279dc2c1925f11cd60ffe
GET /popunder.gif HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:17 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 181847
last-modified: Fri, 01 Dec 2023 14:45:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrPAwedILjb81KAV1x%2BrxICN9DKrKKvJhBincD1NtycaHonuDl7UWpjRtuEk3HkqlBl%2BacEcY7Bn4Ds78zYZIGVeBmTXMg0BLDWcsC3oPOH3JeM9tm2gDIIS4QuF4ha0ozs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74e2e836b4eb-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Hash 220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p; cf_clearance=b_bcFIjPwFwaJ2hsMgRQyC9ffEMFal9NUVqPuEIv4Qo-1701623777-0-1-730ca2d2.73a07051.5b213570-0.2.1701623777
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-13f60"
expires: Sat, 11 Nov 2023 16:45:04 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 995647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFJTCbY7bFnj5vkVu6nsEx%2F6bUFLvQI%2FSMK3hMMnYpvsyonmueBZw4fJq087bHG7NBk4G0O6inemQMPa4QMBo2DtYgmHtRzC8aG%2FhhjKCx7YT%2Fi%2FnTVMn%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e48965568a-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Hash dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p; cf_clearance=b_bcFIjPwFwaJ2hsMgRQyC9ffEMFal9NUVqPuEIv4Qo-1701623777-0-1-730ca2d2.73a07051.5b213570-0.2.1701623777
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Sat, 11 Nov 2023 16:42:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 906282
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2OeGjSJiaxwbYGXXa1zsZP19B8D87GyX8k1VkSt%2B9KVH0g4Dd6%2F7CHX0c0CP1fzpeZBpTByAnKneO2CM6vwvutkHAyBxG7rrgSgYpegsnCw%2BqJQ3FgUhrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e4896a568a-OSL
alt-svc: h3=":443"; ma=86400
proftrafficcounter.com/stats
18.157.203.0200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.157.203.0:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 6f5393ebf71edc7cdbc70f6353486337
de14d9fe972bd48f48910ceff45abc8e5e7ffbc5
f5f0a33d64344a0c990bc638ec5c19d524e61e892c8ee6d77fc92c5a348ba708
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1a9d4c3a-f391-48cc-973d-515b4a235904:2:1; expires=Wed, 30 Nov 2033 17:16:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.157.203.0200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.157.203.0:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 740606dbea187e528e029185d55df495
c394d0de3db7035284bf0aaffc11d9e8baae022b
f3b0427048b449687616969950894bc30b4ba19c843d79b58024c2c112c891b1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=caaedc36-cd3c-45a7-9daf-2c283460cff0:3:1; expires=Wed, 30 Nov 2033 17:16:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
send.cm/cdn-cgi/challenge-platform/h/b/jsd/r/82fd74d62f4bb503
104.26.1.171200 OK 1 B URL POST HTTP/3 send.cm/cdn-cgi/challenge-platform/h/b/jsd/r/82fd74d62f4bb503
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type very short file (no magic)
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
POST /cdn-cgi/challenge-platform/h/b/jsd/r/82fd74d62f4bb503 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12180
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p; cf_clearance=b_bcFIjPwFwaJ2hsMgRQyC9ffEMFal9NUVqPuEIv4Qo-1701623777-0-1-730ca2d2.73a07051.5b213570-0.2.1701623777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=zXrHjhGwsNkn18iGxvQm8KgZYyg7zVQo0QTSGR5fLzE-1701623778-0-1-730ca2d2.73a07051.5b213570-0.2.1701623778; path=/; expires=Mon, 02-Dec-24 17:16:18 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aAB%2B5d6XTk7N6vPLoi3jSLFMhi6VfjxW5BKVgcZZQWBxxGZrn226Gsxb1wBkZJtkm%2FbS8Xe18VUAWWUx%2FVdcmTbFhatxUb8DqYqCMPrv3%2BPBrVq8qRKg7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e60ba7568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:QQQdgvHkSjmTFEzf5lY2lF9w2Vspkw:lRfjLrkgCSCkwYC1; Expires=Tue, 02-Dec-2025 17:16:18 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:18 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1YVn384tgksrPRwBXHuwrXdMfIC9-L-4rT5IBOUro1V4TnXywzEtAW3ikUkjDIf6urvXx8vg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-3tmnCLupZM1xUDcSS490uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d25sca3heoa1so.cloudfront.net/5S0l2cFooJhgWZT8gEk1je3pOQWltIwUfNDt0ByJtHhFOBgMSbwIKPnZ5UBw7JS5LVj8lKktBfCotFE1ubT0GHzF2OwAKKTshDxIrP28DEWcmJgwZNicoU0IcfmdGVWh7YQEZNC8mAQN/eXkYBH95eUdAdHtsRTJ/eXkBGTR9fVNDGG57Rghsf2xFMn95eQ-QGf3gIR0BvZXlfVWh7LhMTMSRsRDZoe3hGQGt7eFNCai0gBBU8JDFTQhx6eUNeam08S0FvfHtDRGx4fEVJbXJ4RkE
54.230.241.78 558 B URL d25sca3heoa1so.cloudfront.net/5S0l2cFooJhgWZT8gEk1je3pOQWltIwUfNDt0ByJtHhFOBgMSbwIKPnZ5UBw7JS5LVj8lKktBfCotFE1ubT0GHzF2OwAKKTshDxIrP28DEWcmJgwZNicoU0IcfmdGVWh7YQEZNC8mAQN/eXkYBH95eUdAdHtsRTJ/eXkBGTR9fVNDGG57Rghsf2xFMn95eQ-QGf3gIR0BvZXlfVWh7LhMTMSRsRDZoe3hGQGt7eFNCai0gBBU8JDFTQhx6eUNeam08S0FvfHtDRGx4fEVJbXJ4RkE
IP 54.230.241.78:0
File type ASCII text, with very long lines (773), with no line terminators
Hash df0ac90d33de19b092c88cbf5ad33bf4
653e410b028cfe92b4541dc85353d21ee5df815e
99a7f4cb22c095a877e583b0e79660b08b7315de9bd66ad9481428b58b56878c
GET /5S0l2cFooJhgWZT8gEk1je3pOQWltIwUfNDt0ByJtHhFOBgMSbwIKPnZ5UBw7JS5LVj8lKktBfCotFE1ubT0GHzF2OwAKKTshDxIrP28DEWcmJgwZNicoU0IcfmdGVWh7YQEZNC8mAQN/eXkYBH95eUdAdHtsRTJ/eXkBGTR9fVNDGG57Rghsf2xFMn95eQ-QGf3gIR0BvZXlfVWh7LhMTMSRsRDZoe3hGQGt7eFNCai0gBBU8JDFTQhx6eUNeam08S0FvfHtDRGx4fEVJbXJ4RkE HTTP/1.1
Host: d25sca3heoa1so.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingrethertantin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 558
date: Sun, 03 Dec 2023 17:16:18 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZCZkfE1dHWTk2ZkxG1l7xNRou2zSsts_cG1lRv5FRor3EuNHiyK6zQ==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2Eu9-JFJwo67t_5o0xpSGNiV5VZoZPtNIRu8DF6eIC7ww844gr8vSPyDPATR5i7EjTYx00TA
64.233.161.84302 Found 401 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2Eu9-JFJwo67t_5o0xpSGNiV5VZoZPtNIRu8DF6eIC7ww844gr8vSPyDPATR5i7EjTYx00TA
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (394)
Hash ae02f7f3c5ce6cc0dbde90c689ca4eda
e5db85f211140b5615c77f83e49ce06d05cfc77c
28b7df044b54ed2a0284baed8f9a57b281d4ae615e0466959916041a064b4d7e
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2Eu9-JFJwo67t_5o0xpSGNiV5VZoZPtNIRu8DF6eIC7ww844gr8vSPyDPATR5i7EjTYx00TA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:T22Q2MHUmIqsiL-5DjF1Fm8wsbWjmw:yKcROLr_yI2BOL7o;Path=/;Expires=Tue, 02-Dec-2025 17:16:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1UasuNihruqV95qUIgO5udM-6ElkHJqiXNl9l6iJoS9P8G2S1yAMU9emZ2nuNW7uqnbsYLpg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604892845%3A1701623778411517&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-t1-nEmjAtJqiTwhXaabV-A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1YVn384tgksrPRwBXHuwrXdMfIC9-L-4rT5IBOUro1V4TnXywzEtAW3ikUkjDIf6urvXx8vg
64.233.161.84302 Found 407 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1YVn384tgksrPRwBXHuwrXdMfIC9-L-4rT5IBOUro1V4TnXywzEtAW3ikUkjDIf6urvXx8vg
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (398)
Hash ddeb31c91cb09512a2953bd99c0be791
de289986ef39f763eb73595d62ec2ff2c25d96b7
8531cfafe677d29516c071d0299faf3b5acc030cbcb16e9f1330f49968707c67
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1YVn384tgksrPRwBXHuwrXdMfIC9-L-4rT5IBOUro1V4TnXywzEtAW3ikUkjDIf6urvXx8vg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:a7XilxqynezByR7Qe6dTBeg1kKsXaw:Xhd9OViez38FCGQI;Path=/;Expires=Tue, 02-Dec-2025 17:16:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0BjZ4sFyyoJJPQpap7R-24Ax2aoZpXn98v1_z6IlJLIrqc0LTFS7Z2dQlOv7-5HBYSsnOsQQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604567903%3A1701623778433096&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-j8IniCGIR7HrRyufs6KqAQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
173.233.137.36200 OK 401 B URL GET HTTP/1.1 evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP 173.233.137.36:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerLet's Encrypt
Subjectevidenceguidance.com
Fingerprint73:DA:5D:A0:74:AB:D2:A0:E4:AD:F8:6A:1A:42:80:4C:E9:E5:01:99
ValiditySun, 26 Nov 2023 06:32:48 GMT - Sat, 24 Feb 2024 06:32:47 GMT
File type JSON data\012- , ASCII text, with very long lines (401), with no line terminators
Hash e408165a3fcbc35de54d4604992dedc1
58d12308e835d68ccf7547366fbf53ec084cbfe4
350b370ce9a79df77621c60a7e5a45774233302c1b59349d781727c9f763594e
GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: evidenceguidance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:16:18 GMT
Content-Type: application/json
Content-Length: 401
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05d0ca7a26f77107b9b8ff5d2e60c5ed
Strict-Transport-Security: max-age=0; includeSubdomains
evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
173.233.137.36200 OK 410 B URL GET HTTP/1.1 evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP 173.233.137.36:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerLet's Encrypt
Subjectevidenceguidance.com
Fingerprint73:DA:5D:A0:74:AB:D2:A0:E4:AD:F8:6A:1A:42:80:4C:E9:E5:01:99
ValiditySun, 26 Nov 2023 06:32:48 GMT - Sat, 24 Feb 2024 06:32:47 GMT
File type JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Hash 6f3439b48a397616a262fefd38289031
91c4317edd3d869f1bbe7b0f87f9ed839070a946
b1b819944c91c377a227352c788c4b559d4b28f9d1c2f85050fa1ffd59617dc0
GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: evidenceguidance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 17:16:18 GMT
Content-Type: application/json
Content-Length: 410
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7004d5e6689e3d1bae91f1fca205f67a
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
172.64.134.5200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 172.64.134.5:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a691e92a9d2dc09ff0fa6c0faf344748
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:16:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxQMzilNss6INgmmdUxZlv0ujyfRYW9MhFWDXVujZ7zvuRg3NXvd08%2BTzQHAO6gxvJ4f%2FgpF%2FWr4SofHMvgUCHfj6p6ngKGiJ0a6do%2BE9PSgal2zeMQwtcU9hqe%2F8ZLLVHb51r8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74e9cb3c60f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
send.cm/static/css/auth.min.css
104.26.1.171200 OK 789 B URL GET HTTP/3 send.cm/static/css/auth.min.css
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (789), with no line terminators
Hash f095cdbc5703353ae870aa6fd1504bb8
395b5898fde4cb72dc30e7752bde4e68317fb299
d7091a28d7048b34315acc78d543eb1181751aec851df73f83da7d3b07081116
GET /static/css/auth.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: text/css
last-modified: Tue, 23 Mar 2021 17:04:40 GMT
etag: W/"315-5be372d95fefb-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 17:14:47 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xs4Qv1whXj3vkDjpUoPQ9Npw55mGSCu91v%2BXpG%2Byg92zYtSYjo4QiwroEfmAmAp4UYG7W5tOGpS6ImDNfCtmbCpic0Bh3Oaj5qAOkf761%2FVApQNzoJZxbw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9ea7a568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pogothere.xyz/
172.64.201.15200 OK 27 B IP 172.64.201.15:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f187fffad80dc47286f13fc2eff1a95a
82332571a681890a32b2ec03788f1942c4f7b7e9
9a24d6628ec91ab5bbb132fa9bc1028ba8dffcea58785fb7d6e510edbbfdec79
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:17 GMT
content-type: text/plain
set-cookie: csu=1572546353979101@1@1701623777; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVAzcYEevqDIeqrCB2izr3ZXzWvQbWYpUss%2FDIYQ2ZH23kB8WiEVTA5Ka5m7Zah5ydbBhwIiV86Vl72nTnEPJdgXLNW7gUbv2styjpZhjPVO6gtoOwkdw%2FLAF2Q2f4Ox"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dfe8ef7717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lingrethertantin.com/utx?cb=nQlC19s9YY7V&top=send.cm&tid=903813
52.85.242.99204 No Content 0 B URL GET HTTP/2 lingrethertantin.com/utx?cb=nQlC19s9YY7V&top=send.cm&tid=903813
IP 52.85.242.99:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=nQlC19s9YY7V&top=send.cm&tid=903813 HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 03 Dec 2023 17:16:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 03 Dec 2023 17:17:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: kB-so3oDV8HFTgeDY9qq8mjd9MeBiMP_iD0999yDb0R0SghhY5E7VA==
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.134.5200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 172.64.134.5:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:18 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3af80d734f6cfca81435c9aec01bc3b1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 17:16:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANTQVkn3JoXAcZJ10K9Wrv9Ob4U6S45haZ5V4iGISIyEZAlnU0Hj8FThHT38%2BDP8L8CCIVe%2Fq%2BDG8%2BVMHjgOFsz0UTKG83AgQvnpSd9bva7u%2BLOexr2919ueBnpLssFEJQLj%2Br0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74ea0bb160f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
104.26.1.171200 OK 6.8 kB URL GET HTTP/3 send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (7103), with no line terminators
Hash 3a4e6fe620850879f073fbeb7d915969
1ea842aabcf1d80ffd383b84c8da0650baefc68f
5a072970160446a139243170334741139bd414e1285dfd785bd552db7c263f80
GET /lib/@fortawesome/fontawesome-free/css/fa.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 10:52:41 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61f7bf79-1a60"
expires: Sun, 13 Aug 2023 21:42:22 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 555204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKr81c%2BrrjM8BomsT4mlUgMycpeYLsWxJu1CJFuwj6DnYLl9xq%2Bqu0sNKhu1NHKwRFbVvM%2BTULkg0k78J5ZxoDlCBjIyFaPnY5nazIrnp9XLGNXQPHktubk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9ea76568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/static/js/clipboard.min.js
104.26.1.171200 OK 9.0 kB URL GET HTTP/3 send.cm/static/js/clipboard.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type Unicode text, UTF-8 text, with very long lines (9258), with no line terminators
Hash db9c29b300b6e957b611f437fe482b0c
a7ca1b86b66aa417e5ded8bddf571bd28775d7d1
02b7776bbff33fa250331338c8a085b5447d8575283a7943519c56f72215b2b2
GET /static/js/clipboard.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 14 Dec 2022 18:00:20 GMT
etag: W/"234a-5efcd82834534-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 17:00:01 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9eMVaqsrT9u1hgSeRoS6z2esg58cseaBwz5SIGe390iQZGUjSqiPLwxK32jI35%2B043uw5mPgninl9i9eI9lnzASEmjc73jdYDc%2FUZKi6t%2ByNto%2BcHk6NDo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dc7e4a568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1UasuNihruqV95qUIgO5udM-6ElkHJqiXNl9l6iJoS9P8G2S1yAMU9emZ2nuNW7uqnbsYLpg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604892845%3A1701623778411517&theme=glif
64.233.161.84403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1UasuNihruqV95qUIgO5udM-6ElkHJqiXNl9l6iJoS9P8G2S1yAMU9emZ2nuNW7uqnbsYLpg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604892845%3A1701623778411517&theme=glif
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1UasuNihruqV95qUIgO5udM-6ElkHJqiXNl9l6iJoS9P8G2S1yAMU9emZ2nuNW7uqnbsYLpg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604892845%3A1701623778411517&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-W-g0p647oQhUCYKcihgUQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/js/share.js
104.26.1.171200 OK 329 B IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (332), with no line terminators
Hash 1d2236286294d62230ccc88e96b5297b
de15f3e22b3e2719f872e47a63b5702c48835a3f
c482daeb5dbeb1b8b60adbd8a47e025cbfe19ea0a0f798d8f77b862781694dbc
GET /js/share.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=354
etag: W/"162-5ae64b15a48c0-gzip"
expires: Sun, 03 Dec 2023 17:00:01 GMT
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwgLVwbNzuwesIyJPdLvh4cPOocNbCMXR%2BeUdHoMIJLCAUuO3PT0hppF1G%2BlX5YxpYl0yJxs%2FcO4ZHAB3TKsHg6NzYpL%2F7n%2FKURp2ow572mGeshBhC8OsEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dcae89568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.26.1.171302 Found 7.4 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sun, 03 Dec 2023 17:16:16 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEyCUD9xzFer0cgY84aoRNo3FpaYZIYSlmPl79A6n68HWWJ84XswJs6sRJaE5stEqR9ShBvLis0%2F5O6M8DTEcmOB4Pxs%2BYesabwClbFf2KIhcxsgWHKT3Es%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74dd5f83568a-OSL
alt-svc: h3=":443"; ma=86400
send.cm/favicon.ico
104.26.1.171200 OK 65 kB IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 64x64, 32 bits/pixel\012- data
Hash 22dab3b36a487940c539e179b7edd7ea
ad1d193daab9eb56c4d27b10e0f0638307c262cc
b64c225956915ee8b619ea190276ebe838880d3a16793a5614487e8be5b5d3bf
GET /favicon.ico HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:17 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
etag: W/"fcae-5ae64b15a48c0"
expires: Sun, 03 Dec 2023 16:59:01 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyEr7%2FCPMFCrHTID2HFmyIp5tscm%2FSdA9KY2l1T%2FJkOkDOONJT%2FAMcyM7bH%2BaWbjxPSh8I7%2FtYbaq%2B2OVsu6sP2iCb8Oa%2Fxu3mn3GTZqTJUjPu0SGPiVmG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74df09e5568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ldrenandthe.org/NXRyclIaSxEBb1REOEIcfToRFgdCMyBDZ08lMyATbRogNhZgIVQGO1FJS0JhDUVBVCJcEE9DdEYAEwYnRklDVDtbEh1PdENJQ1xhAVpBRnwFUgdPYwBDQEdmA0dHQWsCTUNCYxMAAhM1CEVUAiZBGE9DZQVFREBhAkxBQ2UG
104.21.20.207204 No Content 0 B URL GET HTTP/3 ldrenandthe.org/NXRyclIaSxEBb1REOEIcfToRFgdCMyBDZ08lMyATbRogNhZgIVQGO1FJS0JhDUVBVCJcEE9DdEYAEwYnRklDVDtbEh1PdENJQ1xhAVpBRnwFUgdPYwBDQEdmA0dHQWsCTUNCYxMAAhM1CEVUAiZBGE9DZQVFREBhAkxBQ2UG
IP 104.21.20.207:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectldrenandthe.org
FingerprintB1:E1:DF:C0:4E:E7:2F:9B:70:DF:D1:CA:75:2B:47:98:1B:CC:5F:BB
ValidityWed, 29 Nov 2023 06:03:19 GMT - Tue, 27 Feb 2024 06:03:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NXRyclIaSxEBb1REOEIcfToRFgdCMyBDZ08lMyATbRogNhZgIVQGO1FJS0JhDUVBVCJcEE9DdEYAEwYnRklDVDtbEh1PdENJQ1xhAVpBRnwFUgdPYwBDQEdmA0dHQWsCTUNCYxMAAhM1CEVUAiZBGE9DZQVFREBhAkxBQ2UG HTTP/1.1
Host: ldrenandthe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 17:16:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKTwqUxiBEh1QyNBCWpNdmBOTC5mp%2FGvcMoN%2FYOgNWKpxVt6iZ8aZ%2BNHwZ2etRsVxZ1cXfRymhLfqN0vBeK9QgO%2BjNhZXCsTBKTvUVWQr2wn3bpu51rHSB%2F8YMKoiWnvHzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e358bbb4eb-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0BjZ4sFyyoJJPQpap7R-24Ax2aoZpXn98v1_z6IlJLIrqc0LTFS7Z2dQlOv7-5HBYSsnOsQQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604567903%3A1701623778433096&theme=glif
64.233.161.84403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0BjZ4sFyyoJJPQpap7R-24Ax2aoZpXn98v1_z6IlJLIrqc0LTFS7Z2dQlOv7-5HBYSsnOsQQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604567903%3A1701623778433096&theme=glif
IP 64.233.161.84:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0BjZ4sFyyoJJPQpap7R-24Ax2aoZpXn98v1_z6IlJLIrqc0LTFS7Z2dQlOv7-5HBYSsnOsQQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S604567903%3A1701623778433096&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 17:16:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-CETZFwk6s5Ewegl9gbUOrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
104.26.1.171200 OK 450 kB URL User Request GET HTTP/2 IP 104.26.1.171:443
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
Size 450 kB (449460 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g6rvxz31ok5p HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Sat, 02 Dec 2023 17:16:15 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k69O9aqFlRhfCKphS5uSSFdNcW%2B9C2LbEcqYNYxUWcYi587VFba9LhMH3yF7mhLKn2%2BtqP41XTwY71r3u37v2fsSgMSSc9HV3Eq%2FmJBJfMDwuVZAhcC%2FGSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: lang=english; domain=.send.cm; path=/
aff=7702; domain=.send.cm; path=/; expires=Sun, 17-Dec-2023 17:16:15 GMT
c_7hyj5tegwm4sd1=g6rvxz31ok5p; domain=.send.cm; path=/
__cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; SameSite=None; Secure; path=/; expires=Sun, 03-Dec-23 17:46:15 GMT; HttpOnly
server: cloudflare
cf-ray: 82fd74d62f4bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.1.171200 OK 12 kB URL GET HTTP/3 send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53kKnRHEAZP6B10DFx8JZgZ8pW%2B8eO%2FeI5sJdcGVQyvPJcvTQKa2Te%2Fgvdm51ISY0KbvJps508%2FgDWq5fsDY5oznitLIa1iQEpIoc1mroPYtV7MFVnxdi0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74d9fa84568a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 05 Dec 2023 17:16:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
pogothere.xyz/asd100.bin
172.64.201.15200 OK 102 kB IP 172.64.201.15:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 17:16:17 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4249
last-modified: Sun, 03 Dec 2023 16:05:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftoF6iBj%2FQjEUUWtr0LV%2FK8zqJtqDlPuQR%2FKK0aCsH3flwA7qS30IubzaXiMhOH2lqhJdeiuoa%2Bu9oQfA%2FhAjnum1BTLAcZK4eawii3WbjgyVggqG7bQGB60QTDQ9FgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fd74dfe8e87717-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lingrethertantin.com/ZUdoQkEEJQsvfgR6CmQ0FytVZ3MjYloEJVdyGyEgVi8NLSBUNAdsIgkoHSYnFygGNm8LIhxncyNyO3ItVyQuLS4vLw8VGzF/DwcqVC0NcTEqFj8uNSwwPSQPITNYADgvMyAqByoFDw8SBzAhCRELHV0XAxJwIhF0KRECei0uLBwAJyYoHAQEVDIKFnEiDxIEcyowKQkKMTQABjksNThweSECPyEsLyAfGA8MJAcXcSwkDi8lIhE/KnY8Fi0YDyZ/BQMQK2JaBCQ9LDEACVxyDRclJCMgNjI3EyJncyMiMCkDIhM6eyczCSwFBlBwOiUpFiFaOgcoKVF3JDRqOQUnViAhEHEnMTIaLQMRPyp2KS8lFgw2FRsQBT8oDXEpIhYvNnYAASYBIAx3DwADMH8iBgcxFgA6dwASJicgCHdQEXEjMQ4KNSEVLzp1AwI+CCM9DVwQKiBhAjEuCzdVMxNSEjB6Nzwe
52.85.242.99200 OK 3.1 kB URL GET HTTP/2 lingrethertantin.com/ZUdoQkEEJQsvfgR6CmQ0FytVZ3MjYloEJVdyGyEgVi8NLSBUNAdsIgkoHSYnFygGNm8LIhxncyNyO3ItVyQuLS4vLw8VGzF/DwcqVC0NcTEqFj8uNSwwPSQPITNYADgvMyAqByoFDw8SBzAhCRELHV0XAxJwIhF0KRECei0uLBwAJyYoHAQEVDIKFnEiDxIEcyowKQkKMTQABjksNThweSECPyEsLyAfGA8MJAcXcSwkDi8lIhE/KnY8Fi0YDyZ/BQMQK2JaBCQ9LDEACVxyDRclJCMgNjI3EyJncyMiMCkDIhM6eyczCSwFBlBwOiUpFiFaOgcoKVF3JDRqOQUnViAhEHEnMTIaLQMRPyp2KS8lFgw2FRsQBT8oDXEpIhYvNnYAASYBIAx3DwADMH8iBgcxFgA6dwASJicgCHdQEXEjMQ4KNSEVLzp1AwI+CCM9DVwQKiBhAjEuCzdVMxNSEjB6Nzwe
IP 52.85.242.99:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerAmazon
Subjectlingrethertantin.com
Fingerprint05:43:5F:62:44:4A:F8:16:0D:0E:1F:DC:05:AA:39:FF:6E:4C:56:B8
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3081), with no line terminators
Hash 3a01f12277e39abb300a7151c30c8bd8
05d6d9ea61bc0f063ee2c29d57e438e3a53e527a
ebeda23a8fcc8f91ad15590dece149f42ea61a1f256d853da2fe02b1c6c6c3da
GET /ZUdoQkEEJQsvfgR6CmQ0FytVZ3MjYloEJVdyGyEgVi8NLSBUNAdsIgkoHSYnFygGNm8LIhxncyNyO3ItVyQuLS4vLw8VGzF/DwcqVC0NcTEqFj8uNSwwPSQPITNYADgvMyAqByoFDw8SBzAhCRELHV0XAxJwIhF0KRECei0uLBwAJyYoHAQEVDIKFnEiDxIEcyowKQkKMTQABjksNThweSECPyEsLyAfGA8MJAcXcSwkDi8lIhE/KnY8Fi0YDyZ/BQMQK2JaBCQ9LDEACVxyDRclJCMgNjI3EyJncyMiMCkDIhM6eyczCSwFBlBwOiUpFiFaOgcoKVF3JDRqOQUnViAhEHEnMTIaLQMRPyp2KS8lFgw2FRsQBT8oDXEpIhYvNnYAASYBIAx3DwADMH8iBgcxFgA6dwASJicgCHdQEXEjMQ4KNSEVLzp1AwI+CCM9DVwQKiBhAjEuCzdVMxNSEjB6Nzwe HTTP/1.1
Host: lingrethertantin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1205
date: Sun, 03 Dec 2023 17:16:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 b4b5a8fc69875a192be2508de7e5a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: yzKgpn-nL7bQMaS_IS3cUZBOu5icN7OY7j3MjH90vNBjR6fej5SqgQ==
X-Firefox-Spdy: h2
send.cm/static/js/jquery.min.js
104.26.1.171200 OK 93 kB URL GET HTTP/3 send.cm/static/js/jquery.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (32072)
Hash bdce12c949e78d570c8d44e9c2b23508
9afdc4fec954646bd6270caf82f107fdef605bc5
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
GET /static/js/jquery.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
last-modified: Sat, 26 Sep 2020 12:00:16 GMT
etag: W/"16b88-5b0362d29f400-gzip"
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 17:01:34 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D274XyBUus4B0FW6TAVHbWLe3hmaB4Va2ph8booh51vnCyuk2PIKOsX5LmvQUuCM%2BKOpp5WZ6JDX2wAVBVRFu3UPtCKMHmB2cCamn2UIWlAdNB%2B1l3GgW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9ea7f568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.26.1.171302 Found 7.4 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421; __PPU___PPU_SESSION_URL=%2Fg6rvxz31ok5p; cf_clearance=b_bcFIjPwFwaJ2hsMgRQyC9ffEMFal9NUVqPuEIv4Qo-1701623777-0-1-730ca2d2.73a07051.5b213570-0.2.1701623777
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sun, 03 Dec 2023 17:16:17 GMT
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug1LvpQ6ISs00v1XJe2siG22Un895misH62WXtY5462sBRpz6t6VEiZ9G%2FGadYx0qsSD7hzPXTZiR16JoCVf%2BtF9MB%2FdtapqOkboG50S%2BQDv%2BoPHSSJ8Y6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74e408a7568a-OSL
alt-svc: h3=":443"; ma=86400
send.cm/lib/feather-icons/feather.min.js
104.26.1.171200 OK 66 kB URL GET HTTP/3 send.cm/lib/feather-icons/feather.min.js
IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lib/feather-icons/feather.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/g6rvxz31ok5p
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdWPooMP2Q421
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abca-101aa"
expires: Sun, 13 Aug 2023 21:42:42 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 986064
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BoFzPqO9YeJra9mYpf0jR8gy4AQPJqasPvgJsJtLwmqVtwvrCuamEcZE7DKeSXqL1kyMZOmhl2vbDjV4GPfHvQwLURFi8%2BF6unc583OEKP8vGEb4Q5os5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74d9fa90568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fvcwqkkqmuv.com/get/1951167?zoneid=1951167&jp=_cllx2dfoi1oe4imhi2jpgi&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
212.117.190.201200 OK 4.1 kB URL GET HTTP/2 fvcwqkkqmuv.com/get/1951167?zoneid=1951167&jp=_cllx2dfoi1oe4imhi2jpgi&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1
IP 212.117.190.201:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerBuypass AS-983163327
Subject
FingerprintF4:CF:5F:33:5D:62:A5:49:C0:ED:F4:A2:07:7B:6A:FC:5A:C8:EE:2D
ValiditySat, 28 Oct 2023 11:35:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (4461), with no line terminators
Hash c27ee2542afae07370ac46bb5a72e132
4a1f9bb54ced0a0b0e52958183518419da154c74
32a4f89bfca4e0d52ff1c0351819e78d9c9b944ea253f33da2bf28ef24289e00
GET /get/1951167?zoneid=1951167&jp=_cllx2dfoi1oe4imhi2jpgi&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=111517616166400&eclog=0&sp=1&im=1 HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
UID=2312031216c36ecf022bff4f78b07726fe21; Path=/; Expires=Sun, 05 Jan 2025 17:16:16 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
fvcwqkkqmuv.com/aas/r45d/vki/1951167/2819e174.js
212.117.190.201200 OK 90 kB URL GET HTTP/2 fvcwqkkqmuv.com/aas/r45d/vki/1951167/2819e174.js
IP 212.117.190.201:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerBuypass AS-983163327
Subject
FingerprintF4:CF:5F:33:5D:62:A5:49:C0:ED:F4:A2:07:7B:6A:FC:5A:C8:EE:2D
ValiditySat, 28 Oct 2023 11:35:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (65106)
Hash 838dbb7a5fae0ed357725f8025754176
4a4e6e4eb61e0c9e07e7a595bc6ee679dfcf9800
d10259ead7ad4537e40eacec736982eb2bc74bff558f63487189ccd3cc31a68a
GET /aas/r45d/vki/1951167/2819e174.js HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 11:34:35 GMT
vary: Accept-Encoding
etag: W/"6565d04b-15e20"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
walker.send.cm/s.js
104.26.1.171200 OK 66 kB IP 104.26.1.171:443
Requested by https://send.cm/g6rvxz31ok5p
Certificate IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT
File type ASCII text, with very long lines (63519)
Hash aa75f900aba472f50be2f4db1226b3f8
62f3822053c09280bcc1e4fffa93ac0db6e38a7a
d08e12da7da1f4bc98264e356cdfb738d1edf0f81dcbf9f7045ae9c072bc7876
GET /s.js HTTP/1.1
Host: walker.send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: lang=english; aff=7702; c_7hyj5tegwm4sd1=g6rvxz31ok5p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 03 Dec 2023 17:16:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=66304
etag: W/"10300-60b5df17329ca"
last-modified: Thu, 30 Nov 2023 12:39:30 GMT
vary: Accept-Encoding
cache-control: max-age=259200
cf-cache-status: HIT
age: 1544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbV%2BqLWPwsnFEAbYEIxbNrl5V0%2BvOjHtZa1fslshHjz7G1T%2BVrpz9N9tISE%2B4Zi3C9%2BRrrcfAMIez5bAMEe5Eds6kyfMA6khUfkVKfXK5dp6HfuX0NIpLvQSw5QdVY3u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fd74db8cfb568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
dismantlepenantiterrorist.com/pxf.gif?uuid=caaedc36-cd3c-45a7-9daf-2c283460cff0&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.3095&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
0.0.0.0 0 B URL GET dismantlepenantiterrorist.com/pxf.gif?uuid=caaedc36-cd3c-45a7-9daf-2c283460cff0&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.3095&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP 0.0.0.0:0
Requested by https://send.cm/g6rvxz31ok5p
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=caaedc36-cd3c-45a7-9daf-2c283460cff0&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.3095&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache