send.cm/qr/QXP7
104.26.1.171200 OK 340 B IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type PNG image data, 135 x 135, 1-bit grayscale, non-interlaced\012- data
Hash 842d4aa6f5d7ec3dcca5005651a03287
37c74192ec81a3705cca55f4ba8bbe0a34bcf0a9
f058779d66c21a64ae60a3402e2cd8c17f7e8668143088a7ae125775ca60d3a4
GET /qr/QXP7 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: image/png
content-length: 340
content-transfer-encoding: binary
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4lUFx0kmAzZ81IXVXDQ%2BEgPxtTAmPLd2gGHZlgG4jbjJq%2BGjLpr78UjBjsMeqf5ay%2B6jmUXsDnDb%2B%2BwNBCzT7zbZmPg%2BWJ%2FnB0P2epWqcgnsvvqKvSH8sY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350fe280b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Hash dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Fri, 26 May 2023 04:19:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1621331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlFYjCDtLMFFL%2FCUwJ2yikEadkfEvtIwk3ZJQb8NruWMzA29C9T5JLclzdn0%2BBY3BPjxjbER7FxUF3bREVRvhXtWcvQyn6C7PYuJ80KvUU%2B1pggsKCKJmp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493523e770b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
104.26.1.171200 OK 77 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Hash 2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
etag: "5f6356a1-12e6c"
expires: Tue, 09 May 2023 15:47:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1818226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at683ZHZDe0KVNJSfNDjt7gdQ2hauTN43NeSr2UxiyOJxdURn0JJC%2FooEInPPvNF1gxOADnLr6diq8rWXYkKUPLWbLAx4%2Foa2fvD49KXew7Oq%2F%2F4dsUqBDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2493523e7a0b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Hash 220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
etag: "5f6356a0-13f60"
expires: Fri, 28 Apr 2023 10:10:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1818226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z357RfxQR6TVNKrLp0gT%2B22rkAKVBsQVnUZqkgGTxYyjQk8w5Sp2%2B9AzSsCdK18eFtPsxnr%2BH6AWNUu1qBRPALiJfAsmTHH7KpR2ifGGgogyQZOTJU8hWWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2493523e790b3d-OSL
alt-svc: h3=":443"; ma=86400
d2dkurdav21mkk.cloudfront.net/?rukdd=984022
54.230.245.144200 OK 54 kB URL GET HTTP/2 d2dkurdav21mkk.cloudfront.net/?rukdd=984022
IP 54.230.245.144:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 9673afa3c665ee59c34f9c2ea297bb55
805c2076f91cf19a5fba97654d9a93ff871eb79b
1aafc32d9a0fe19bf9256d4e756b3f94a23d72fb522be62c56fafed68dd5dba5
GET /?rukdd=984022 HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 53874
date: Mon, 05 Jun 2023 01:17:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J1DVGasqs184vvsZF6m87gLryEus50Fh18KfacidGA7LggmqOrkGCA==
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
151.101.1.229200 OK 847 B URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP 151.101.1.229:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type JSON data\012- , ASCII text, with very long lines (1599), with no line terminators
Hash eba60412a79beafcb16c5e57571fe7fc
398dfdf5c0cfe276a2946686b2401bc9b244d588
3ffc31ac04b7ff27fd69991b687bb94dabc532fdc6562d052fd5a5419b25ac55
GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1711
x-jsd-version-type: version
etag: W/"63f-OY399cDP4nailGaGskAbybJE1Yg"
content-encoding: br
accept-ranges: bytes
date: Mon, 05 Jun 2023 01:17:21 GMT
age: 33377
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1632-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 847
X-Firefox-Spdy: h2
barnes.send.cm/s.php?action_name=send.cm%2Frme53wzr0vbh&idsite=1&rec=1&r=811688&h=1&m=17&s=21&url=https%3A%2F%2Fsend.cm%2Frme53wzr0vbh&_id=c48c820d17e0627e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=yDGhn4&pf_net=21&pf_srv=162&pf_tfr=84&uadata=%7B%7D
104.26.1.171204 No Content 0 B URL POST HTTP/3 barnes.send.cm/s.php?action_name=send.cm%2Frme53wzr0vbh&idsite=1&rec=1&r=811688&h=1&m=17&s=21&url=https%3A%2F%2Fsend.cm%2Frme53wzr0vbh&_id=c48c820d17e0627e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=yDGhn4&pf_net=21&pf_srv=162&pf_tfr=84&uadata=%7B%7D
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s.php?action_name=send.cm%2Frme53wzr0vbh&idsite=1&rec=1&r=811688&h=1&m=17&s=21&url=https%3A%2F%2Fsend.cm%2Frme53wzr0vbh&_id=c48c820d17e0627e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=yDGhn4&pf_net=21&pf_srv=162&pf_tfr=84&uadata=%7B%7D HTTP/1.1
Host: barnes.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/3 204 No Content
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.6
content-encoding: none
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FHWOn%2B5%2BAa150Mj9GderVDBv24ybkL%2FRflU0PpB9BciJUQq3ajB0TR%2FbyM5TA23Ab1c0GBEbTsgAx%2BAkYCPRJaCXMpV9Bs%2BX2OPFrf4oX4tbSGcOhL7YlPCPHrsrqIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493530eb00b3d-OSL
alt-svc: h3=":443"; ma=86400
godpvqnszo.com/solid.gif?z=1951167&abvar=0
62.122.171.6200 OK 43 B URL POST HTTP/2 godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
142.250.74.72200 OK 64 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
IP 142.250.74.72:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (40735)
Hash a5f6527a60fea2017c1c7f8ee2786b4c
7348ff4a3fd983725f686fb20599bfbdca022d7c
0f51bf4317d1f3d177d3750f843a39f4001fadae16b215c537ca109a2d3d87d3
GET /gtm.js?id=GTM-KXJCD57 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 01:17:21 GMT
expires: Mon, 05 Jun 2023 01:17:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Jun 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63991
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nedukeration.info/NkhEZWNXKicIXFd1JkMWRCR5QFFwbXYjBwQsLxARUikyV1JbIy9LAFonMQEFRCcqEU1YLTBAUXAKIFVWTiwTEjZ/GnwxNkEFKiM2Xh4QVhN0GnVQMXwJDQQiUSw+LyJzORU0W0wHEjAZfBseJi11CisnMg4BFwtWbg8VVTl9HTwxIGQjMDEmZAMCDAxiGwINMXkvAQQhBicyLTFRKQAcMnwJBVEnVwkVMDZkJywmG0EJAxxaYxo9FSBvDQI0O10sKSY2ZCwRC1NMHQJQK38gIwckZ3E2NFNjHRBWBEMZdQ0wUBwKNDtdK3wnUnQuCgtadBwBLytseWk3K24KBRcmXnwAMA1BexZUG3EuLyMmbg0eFzIGHQ8tCUEdARIuZil0KBluHR5AUXAQdDModyYKJEVcOysLEwsdMCNVdwoIXCddH3M9NA
54.230.111.79200 OK 1.2 kB URL GET HTTP/2 nedukeration.info/NkhEZWNXKicIXFd1JkMWRCR5QFFwbXYjBwQsLxARUikyV1JbIy9LAFonMQEFRCcqEU1YLTBAUXAKIFVWTiwTEjZ/GnwxNkEFKiM2Xh4QVhN0GnVQMXwJDQQiUSw+LyJzORU0W0wHEjAZfBseJi11CisnMg4BFwtWbg8VVTl9HTwxIGQjMDEmZAMCDAxiGwINMXkvAQQhBicyLTFRKQAcMnwJBVEnVwkVMDZkJywmG0EJAxxaYxo9FSBvDQI0O10sKSY2ZCwRC1NMHQJQK38gIwckZ3E2NFNjHRBWBEMZdQ0wUBwKNDtdK3wnUnQuCgtadBwBLytseWk3K24KBRcmXnwAMA1BexZUG3EuLyMmbg0eFzIGHQ8tCUEdARIuZil0KBluHR5AUXAQdDModyYKJEVcOysLEwsdMCNVdwoIXCddH3M9NA
IP 54.230.111.79:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subjectnedukeration.info
Fingerprint95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
ValiditySun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash c8f1422f836b3e9f81665b19582aff6d
d20600d6a02468a2460fab0fbad745bab8ecabca
c51bba0b4514887d56d282e5d2249b812eba5283fb641c1485dcd537ee0d9e58
GET /NkhEZWNXKicIXFd1JkMWRCR5QFFwbXYjBwQsLxARUikyV1JbIy9LAFonMQEFRCcqEU1YLTBAUXAKIFVWTiwTEjZ/GnwxNkEFKiM2Xh4QVhN0GnVQMXwJDQQiUSw+LyJzORU0W0wHEjAZfBseJi11CisnMg4BFwtWbg8VVTl9HTwxIGQjMDEmZAMCDAxiGwINMXkvAQQhBicyLTFRKQAcMnwJBVEnVwkVMDZkJywmG0EJAxxaYxo9FSBvDQI0O10sKSY2ZCwRC1NMHQJQK38gIwckZ3E2NFNjHRBWBEMZdQ0wUBwKNDtdK3wnUnQuCgtadBwBLytseWk3K24KBRcmXnwAMA1BexZUG3EuLyMmbg0eFzIGHQ8tCUEdARIuZil0KBluHR5AUXAQdDModyYKJEVcOysLEwsdMCNVdwoIXCddH3M9NA HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Mon, 05 Jun 2023 01:17:21 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v57TjPwaCsUXIkGN3jmAHZNX0l7UdnX43b0Xq_g6n7L_acrQAIdqVA==
X-Firefox-Spdy: h2
thycantyoubelike.com/V2JOeFB4XS0LbQUqIiAHDzB9KQcRERwWYRY7IxQeMycIDjJnL2gMOTNfd0BkZ1B8XiA+BnNJdiQWLwwlJF9/Xjk5BCFFdiFff1ZjY0x9Sn5lRDtFYXEWPhk3alNoCCQjDnNJZm9Xd0pnb1Z/S2Bu
104.21.27.111204 No Content 0 B URL GET HTTP/2 thycantyoubelike.com/V2JOeFB4XS0LbQUqIiAHDzB9KQcRERwWYRY7IxQeMycIDjJnL2gMOTNfd0BkZ1B8XiA+BnNJdiQWLwwlJF9/Xjk5BCFFdiFff1ZjY0x9Sn5lRDtFYXEWPhk3alNoCCQjDnNJZm9Xd0pnb1Z/S2Bu
IP 104.21.27.111:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V2JOeFB4XS0LbQUqIiAHDzB9KQcRERwWYRY7IxQeMycIDjJnL2gMOTNfd0BkZ1B8XiA+BnNJdiQWLwwlJF9/Xjk5BCFFdiFff1ZjY0x9Sn5lRDtFYXEWPhk3alNoCCQjDnNJZm9Xd0pnb1Z/S2Bu HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 05 Jun 2023 01:17:21 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akkQ2ToxZtFj0zcVqN3X%2Fv80MeLBwtKC%2BxI9j%2B1nJEE3uzZvFEgGddk3kc46wEkGZWUMF%2BT9hzdXWiXFOsKzR53NextFnwqHP4XaR5RJbdrBvg9xC0zGLOxxggkYc%2FKVKQq5TOkH3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249353aa1db523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cat.hbwrapper.com/
192.241.157.60200 OK 15 B IP 192.241.157.60:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjectcat.hbwrapper.com
Fingerprint3A:7E:CB:44:A6:8A:75:6E:02:EC:B5:C6:DF:27:A0:C4:8D:78:84:66
ValidityFri, 02 Jun 2023 04:31:08 GMT - Thu, 31 Aug 2023 04:31:07 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
POST / HTTP/1.1
Host: cat.hbwrapper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 133
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 01:17:21 GMT
Server: Apache
Access-Control-Allow-Origin: https://send.cm
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8
104.26.1.171200 OK 0 B URL User Request GET HTTP/2 IP 104.26.1.171:443
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /rme53wzr0vbh HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Sun, 04 Jun 2023 01:17:22 GMT
set-cookie: aff=36954; domain=.send.cm; path=/; expires=Mon, 19-Jun-2023 01:17:22 GMT
c_7hyj5tegwm4sd2=rme53wzr0vbh; domain=.send.cm; path=/
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72eex1S48Bz0SEtDnQa4YF0vbPp8DS%2FpB4JXdX29RlEMw1khnjpeQxn86lOauGQOXi6I%2FQtgFb9jj2OT5uJn9a2oFSZNvjnvpv06TS%2FnQYqJ8StWFhWKU1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249353fef70b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
increaserev.com/ads/ob/tage/aaw.sendcm.js
104.26.1.126200 OK 241 kB URL GET HTTP/2 increaserev.com/ads/ob/tage/aaw.sendcm.js
IP 104.26.1.126:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBC:B0:9D:21:A0:92:81:50:8F:B0:B4:E5:2D:4E:AA:4F:9D:14:E6:21
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65254)
Size 241 kB (241103 bytes)
Hash a7876b1f303fbf2928874be6b30c5b54
cb24f6f424c5634647f4a4e13a279be460548b77
b7d9e0de523772a554d288a4b7667ebcdcb194240f37516c491f5abd93de4e70
GET /ads/ob/tage/aaw.sendcm.js HTTP/1.1
Host: increaserev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript
last-modified: Fri, 02 Jun 2023 17:41:00 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cache-control: max-age=31536000
cf-cache-status: HIT
age: 759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DCoZU8nJ0lMCDPKO1CcTRoPhMetG3j0p1wlQrGcLY6m%2BryNw1jywqV7D8WMB5FlzfU51FenSaaRasGpXmwLYdjvuSYGrIO9wi7djEDWipdBYd%2BPe58c4lKmlPxWz3vVyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493511faefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
godpvqnszo.com/solid.gif?z=1951167&abvar=0
62.122.171.6200 OK 43 B URL POST HTTP/2 godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=23060420170df94f6757b942e3bf2b4a018d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
send.cm/static/css/dl.min.css
104.26.1.171200 OK 75 kB URL GET HTTP/3 send.cm/static/css/dl.min.css
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5b58461e5f18bf7cd778f13248d95d3f
3ce9cef55a1292bf12d39edffeb3b29721d4a399
6c94223dbccba502090c8df6145de92a1393195c1e0d21cf518d84c436059121
GET /static/css/dl.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jun 2022 15:22:22 GMT
etag: W/"2bb54-5e17e167b80b4-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:34:42 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5GzQajHcTie6yFchxV3CpTflv7Bd0cFP7VIffQtGp2cWg8y0GA9kZa%2Fmn3uxgp7qfkfdxLMdEpHH5qrHsxSQQQtkDZJ4Wd6TTtw3SMyMhckR0k3kxbuaUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350ee210b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
limurol.com/ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2306042017f46556ecffe04e9eb15875d982; Path=/; Expires=Tue, 04 Jun 2024 01:17:22 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
send.cm/static/js/jquery.min.js
104.26.1.171200 OK 34 kB URL GET HTTP/3 send.cm/static/js/jquery.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (32072)
Hash bdce12c949e78d570c8d44e9c2b23508
9afdc4fec954646bd6270caf82f107fdef605bc5
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
GET /static/js/jquery.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Sep 2020 12:00:16 GMT
etag: W/"16b88-5b0362d29f400-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:24:13 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ByA8lzaxge9qSJiqPgUMxXrG7bErERULazwyWaAhYJ2AqVxNV0qPH2hprN7wZTcyuyFdcuqGPX8oiEuLT%2FMvxBN9GEoauJMvmbPsnFpQW7CIIOYDHFGUMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350fe250b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
104.26.1.171200 OK 12 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (27265), with no line terminators
Hash 1a6406261871aafc26ba2c4599e777a4
2420e1b8380caba12954125db5fa464fb3616fdf
529b7f7d743efc433cc8bb06f19598285d0f20dae5397beaa2850c74a932f113
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI8PRGTkZ0g93hApOymQRIo0jMg4GCD96fqjX%2F7482Nnm8cRJlh7RSAh5ofNtapYET2f8Z9jlt5VPHNrKX4sj3n3tGyKqPStKhIdo9xaEX4wemsT0bWZhR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493561fb80b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
d2dkurdav21mkk.cloudfront.net/Bd05xdWwUIR8TUwMnFUhVT3pBR15RJAIaAgdzJAEqQQ8zOVUzJSZCNCBoBQ8ISn5XGQ0ZKUxTCRktTERKFioTSFhROgEaB0ovHRgaDyQJAA4DaAQUURohCxwAGy9URypCYEFQXkdmCURdUn0zUF5HIhgbGQ9rQ0UUT3guQ1hSfTNQXkc8B1BfNn9BTEJHZ1-RHXBArEh4DUnw3R1xGfkFEXEZrQ0UKHjwUEwMPa0MzXUZ/X0VKAnNA
54.230.245.144 615 B URL d2dkurdav21mkk.cloudfront.net/Bd05xdWwUIR8TUwMnFUhVT3pBR15RJAIaAgdzJAEqQQ8zOVUzJSZCNCBoBQ8ISn5XGQ0ZKUxTCRktTERKFioTSFhROgEaB0ovHRgaDyQJAA4DaAQUURohCxwAGy9URypCYEFQXkdmCURdUn0zUF5HIhgbGQ9rQ0UUT3guQ1hSfTNQXkc8B1BfNn9BTEJHZ1-RHXBArEh4DUnw3R1xGfkFEXEZrQ0UKHjwUEwMPa0MzXUZ/X0VKAnNA
IP 54.230.245.144:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (878), with no line terminators
Hash 05b789fbb9fc16764467b68e9a9e82f3
1e92112c7201eb7b5d5d86fc7cd92e7a5e56aca1
dea3a741ff6cd317956156e14c88b9f8549c21154c1239aa1f291d5b9060c666
GET /Bd05xdWwUIR8TUwMnFUhVT3pBR15RJAIaAgdzJAEqQQ8zOVUzJSZCNCBoBQ8ISn5XGQ0ZKUxTCRktTERKFioTSFhROgEaB0ovHRgaDyQJAA4DaAQUURohCxwAGy9URypCYEFQXkdmCURdUn0zUF5HIhgbGQ9rQ0UUT3guQ1hSfTNQXkc8B1BfNn9BTEJHZ1-RHXBArEh4DUnw3R1xGfkFEXEZrQ0UKHjwUEwMPa0MzXUZ/X0VKAnNA HTTP/1.1
Host: d2dkurdav21mkk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedukeration.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 615
date: Mon, 05 Jun 2023 01:17:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FLMksmxkUSk4aMjzpe0eizqcBiPDxouVNggKKWBdp5cKtlnuo-KXFw==
X-Firefox-Spdy: h2
p.gcprivacy.com/t/gcid_s.min.js
54.230.111.12403 Forbidden 986 B URL GET HTTP/2 p.gcprivacy.com/t/gcid_s.min.js
IP 54.230.111.12:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subject*.gcprivacy.com
Fingerprint16:B6:01:12:52:A3:4C:6E:33:F8:D8:23:33:67:08:B1:D3:0B:5D:4F
ValidityThu, 23 Feb 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash efeffa2e7ac3229f9ab6d8e1ee35bc93
c82cb7922c88527f5ead9677b200dbcc49750ba2
cfb13ba8623afea19075a020c130a5c75388b13c5c55cba39a236030fcc6891d
GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: CloudFront
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LseTwwR4kOcZsdPazOukQJZKcRWsdTAhNUhzYffuLx1APCxFVw5XNQ==
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.84.158204 No Content 0 B IP 147.75.84.158:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2007
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Jun 2023 01:17:22 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
send.cm/js/share.js
104.26.1.171200 OK 119 B IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash e38522ef9b2fe6940894f9f35a29f407
d5227e21fbae55e23bd87bf084a4049e797d0775
59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208
GET /js/share.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=354
etag: W/"162-5ae64b15a48c0-gzip"
expires: Mon, 05 Jun 2023 01:42:27 GMT
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6e5DCLxYOBVfohD8ADUjt2a8ae8HZ18FBlFdrR85hWxeVysPhiw1WHJt2z%2BQk%2B9FkOLIBOa6cY4q3xo1sGUJoxrZX330H%2BbcSj%2BHAwpVFrzBVoHT6KLANs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493556f870b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
onetag-sys.com/prebid-request
51.89.9.254200 OK 41 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.254:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2213
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://send.cm
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2306042017f46556ecffe04e9eb15875d982
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=ba7afc66e49e40d47d483d954f4062b31685935041&psp=H0bRo0WXdA8wEhEsUHja4YKV4abtBHQAkoGNCpXnGkBUevW0lgldlPevyqhskizAAJQHjW8oxKWOFh1eL6lOwGXX2_-V7aMHCurahGoOmmzaLZ3udyexX2DLUQlOuCiKvkcjUIjkfhiOuuT4k0Ic82fb8vL1DCTMCjhl_mN5LX8mEhoQm_x7mer-D3EnNEyMXR_2vc32Q9GHBUwpTc9yRxRlAqmkkrAaCSMEnC91ntSbmOiU47r7FqPiECpPBWlZvszZdtM4k04xGeffqnB3zVCahNwGXXqiWbVOYJm2zHFnL8Rl0G6KkBJ-2ZfEwtKIWQdwN96psGLMsZhlzlasnwg7fisBnUbXJX5adDo9v3nCF6dXJr7Csb7SGvGEh_tr_gsFmWCDi3i2FSf4UooRvGLI53wOB33xDqiDiWnOVCg8L1vR3uFBrFT1JR33iU66DKebEURxmUPGr7CKt9lWQr0hjApKPIzmBPZES-1atNVm3sNL-sdnOkJd9TVEcs5vqOeQEpzel18TuRlEP-DeWzNNRuIiVIrZaK4QTAaccRZcn8--5qZj8m5jQEqb3wCrpl8WVJtrUuFuvBfT6wWfvEAzuorcTngLvU41FlDdXInkfJHo42bNXIyIyEF6uMULosMoGZMIv4BD7horGEwsMYNn4d5tdoYVQAusH1vpu4YfFAn-HwFMfvMHC0SCu3tlwvwo-DiDbJr3SVsNc8rE5-RrU0p8YG2ZExXr7_piaS5YN4li5moDEKIQEn35QMlNe_j1QV0xetg=&sp=1&cb=_clwzk58kmjhtfa0ah5fql7&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2306042017f46556ecffe04e9eb15875d982
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ghb.adtelligent.com/v2/auction/
62.149.23.112200 OK 880 B URL POST HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 62.149.23.112:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerZeroSSL
Subjectghb.adtelligent.com
Fingerprint61:5D:B5:38:E3:4B:37:1E:4F:26:73:5B:D6:A1:DB:0B:33:79:B7:34
ValidityThu, 01 Jun 2023 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (4000), with no line terminators
Hash f270e5964ba2ef7636c89adc3c4ed01d
0b991ef760c9950421e1ba571fc8eb92f2168e64
91dbe40128abe7e6b447b1f0ea84d640e6cf2ff95362918ba74c771cf125046b
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 609
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Adtelligent
Date: Mon, 05 Jun 2023 01:17:22 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 880
Access-Control-Allow-Origin: https://send.cm
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
limurol.com/ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint72:B0:71:AA:BB:77:16:4F:5D:2B:24:A5:E4:E7:B9:A5:80:81:2D:D0
ValiditySun, 05 Feb 2023 11:13:42 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1951167/?pb=44c3b5399042b0bf0c735e83b9b59ffd1685935042&psp=x5ezoHizTHblI_LucyBYYx52ccAY1n4ALWijAAG6TLpuOyX-LuhWPYTjJIq1vo9uz2RftLnYTQzCILG9kLz5RM_xMdSG54RQc_ps-B491z8SYvImoRy8LlC0b8vX12Cs62Dt9SRL4ayq5g8d-jlP9xK-HBDL1dcbDeWCjeD4UV5evKqo8h84esip10uAVQiwrqZzvEEe0yr_WcVKDsjcfSH-7CWabI85hys4rMMaQk3IVIWtpZkb_IAWj4vxKxE7wLr_sHvfnJeXjYYtgpdBaWwgz2Lyk0mcckxXHmG0dKUM1iElu7OB8AsPCBE5ICFmitpvvrB_VljIOu0NtXtR1O__t7qYU6ISKQJSDdQ_AeaXEIiH5eOM5du_F-29_yTYtuV1kNoIDbSiWkm5Qw5gn3xdYgYwIojHsh7nUcsbwq9SYJHEUtTm8S4gZwfJH1G5ZoEA_xk8tSwcPjU5KWSpjWtSpsuJppwTZCsVHHQsNwIRTMxmAgDO-OH0NZsCgmeYYmr4tv1WKxiCsR6Pg-xoH_8qWJlIHhbeDbqodKeuw7OpThBSbAW5wnSuAO-u1Di2huh_2RtxviwzriF62FhvhhTElmhI_IAwJn4tNoKlLBTWrWkdR8-g_uuZrLrCLcKXOF3Xp_eho4bC5NtEFxxZoxgA7M_wPNGLO9thThqzY2zV_88fi-OCr4NjvOxyQFgHxsZV4rrNWZqnnoupoBJmpkcYoxGVJL8_WqNBN7okdFKmh40ZBNEO5sl5lQ_5i0b0arCPmFJgbAQ=&sp=1&cb=_clnqm2h58fwppk03ao7wzl&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=2306042017f46556ecffe04e9eb15875d982
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
nedukeration.info/utx?cb=xnmvUL8z2fQ4&top=send.cm&tid=984022
54.230.111.79204 No Content 0 B URL GET HTTP/2 nedukeration.info/utx?cb=xnmvUL8z2fQ4&top=send.cm&tid=984022
IP 54.230.111.79:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subjectnedukeration.info
Fingerprint95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
ValiditySun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=xnmvUL8z2fQ4&top=send.cm&tid=984022 HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Jun 2023 01:17:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Jun 2023 01:18:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zw9M7gaY0TkUahbe2W6fQvy4W-SL9-5Qid95glWc4YdK-AAo-En9OQ==
X-Firefox-Spdy: h2
send.cm/static/js/lwcnCookieNotice.js
104.26.1.171200 OK 9.3 kB URL GET HTTP/3 send.cm/static/js/lwcnCookieNotice.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type HTML document, ASCII text, with very long lines (53401), with no line terminators
Hash 80ac9c6d6785b91485916869cade2107
181b8192bfad99ae60bfd12d7912301d526e5a25
dca3e0c9cbb4489fc71e12ab3020c2ee13e53c647eb50ce597813969732b570a
GET /static/js/lwcnCookieNotice.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
etag: W/"d099-5d5ec913f5674-gzip"
expires: Mon, 05 Jun 2023 01:17:51 GMT
last-modified: Wed, 19 Jan 2022 10:08:29 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzV5bSzHtM%2BqkSPvSmxgezKKwLQYT9AVHrvfNsMbu7GnDrMzAi8xSenVgcHBFHJSDSpyaNLDIqOkqHC0J0hE1KDmmw65aXKAraMkeJwLUjabZ1vfuTIremI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493556f880b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGYLI-XZcR36TrXyfEReHpVusj_BCCjl2DUTs1OQDDYB3s1QbnM9egfq5VWKmCULU7g-xschQ
142.250.74.109302 Found 406 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGYLI-XZcR36TrXyfEReHpVusj_BCCjl2DUTs1OQDDYB3s1QbnM9egfq5VWKmCULU7g-xschQ
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Hash c9ed979d8b1308ff026769f0ffbae579
0ae116807cda6391dcc07fa5c299e43a301f504e
d7a4eb1a5c8884f82b760dca5a06a22628821c3d5240e5c174fe6ebe0961d1a0
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGYLI-XZcR36TrXyfEReHpVusj_BCCjl2DUTs1OQDDYB3s1QbnM9egfq5VWKmCULU7g-xschQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:FEs-vUb5g55LwRQP7aIGYMV30wD6dA:Qy4DH-x6jBXT8H3B;Path=/;Expires=Wed, 04-Jun-2025 01:17:22 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1358606532%3A1685927842910313&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFtjcC8xARaK7J9Rg-vjt1898ei7CpV1mhWoBO7SksU3eYWYCTpCDCWFIa9-YhYBU72pBxPDg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-xOfKeAu5ll_rpQa2AAPtow' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
104.26.1.171200 OK 77 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Hash 2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
etag: "5f6356a1-12e6c"
expires: Tue, 09 May 2023 15:47:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1818228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSWfxNreQRRqmnJrkviHzEY8d6TXMikn5aBPcuh6OeWfHhUzfaeksBRIBG7hvJtg1fryYa4zl8cIfrlp27joeBGPzubrSpR1KEVq%2Bwdo8CzBWPGASJtSGe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935ba9400b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Hash 220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
etag: "5f6356a0-13f60"
expires: Fri, 28 Apr 2023 10:10:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1818228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8RyEDFave2vIFjgv4CaJMen5DeMA26e23XZztNIJDB2MWKWY0eyjDClS%2F9sAGXMNBceozVKOfoJfny0sILDT%2Fu2ts42UDDImjtDRuwK1hTSB1KbYFz352U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935ba9430b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
104.26.1.171200 OK 82 kB URL GET HTTP/3 send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Hash dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d
GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Fri, 26 May 2023 04:19:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1621333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHCW3ZrMOZVvnTYkFWb36UTfuMJk33%2F%2FlghYw0EsMLJZatx0%2FaCGFjB7TvXzjKeGBsJwZyrfcfvCweHv6TD41ya5Pe%2BWsn4%2B5hn8s29zOHrlWL5Bz16fRdE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935ba9420b3d-OSL
alt-svc: h3=":443"; ma=86400
id.a-mx.com/sync/?tagId=&ref=null&u=https://send.cm/rme53wzr0vbh&tl=https://send.cm/rme53wzr0vbh&nf=0&rt=true&v=7.48.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
188.114.97.1302 Found 0 B URL GET HTTP/2 id.a-mx.com/sync/?tagId=&ref=null&u=https://send.cm/rme53wzr0vbh&tl=https://send.cm/rme53wzr0vbh&nf=0&rt=true&v=7.48.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
IP 188.114.97.1:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjecta-mx.com
Fingerprint93:1B:3E:6F:0C:42:D4:9E:E2:06:0B:31:BD:11:83:9D:CF:0D:0C:67
ValidityMon, 01 May 2023 03:57:58 GMT - Sun, 30 Jul 2023 03:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/?tagId=&ref=null&u=https://send.cm/rme53wzr0vbh&tl=https://send.cm/rme53wzr0vbh&nf=0&rt=true&v=7.48.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFpg9TpVHlLwwgox272chYq5XxxVAPHAwvHtxGGl6er5%2F%2Flsq6kzgwlo80zcQuYBHX8vxveOQ8KvViGiealVi7TLPnQimS2%2BegP3v0%2BupOR%2FqxuqwnSXKH8O4nTLLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935c4db50b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nedukeration.info/utx?cb=a625NRkKhe14&top=send.cm&tid=903813
54.230.111.79204 No Content 0 B URL GET HTTP/2 nedukeration.info/utx?cb=a625NRkKhe14&top=send.cm&tid=903813
IP 54.230.111.79:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subjectnedukeration.info
Fingerprint95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
ValiditySun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=a625NRkKhe14&top=send.cm&tid=903813 HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Jun 2023 01:17:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://send.cm
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Jun 2023 01:18:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nvFDm1Ld1YJYu-noszoRL2ohQ0ZRfXqZ9_zd4jLSz9XNiyp2v-3Waw==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c
142.250.74.72200 OK 47 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-3400026-25&l=dataLayer&cx=c
IP 142.250.74.72:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 9c9f0a041a19204d93aa463c98f211eb
5fc965ce11a430e02d4e1adcbe15adc8a00a6b82
e520e75f12f466fae665e1b4a34248a378d30c36f8565506d6f129dad3e955f4
GET /gtag/js?id=UA-3400026-25&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 01:17:23 GMT
expires: Mon, 05 Jun 2023 01:17:23 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Jun 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
simplewebanalysis.com/stats
52.58.93.188200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 52.58.93.188:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 92037e6770ae6dada1c4f53a56ddd55b
438bd206ef74f6316fbd0b89519dd39654154e4e
a61d417607944b86b74a383f5173956fd9d8f43de73e53eaa2856b4c975b86e8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ba1086e4-631f-4c62-af46-91f0f00ba749:1:1; expires=Thu, 02 Jun 2033 01:17:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
thycantyoubelike.com/UDFaTEV/Djk/eB9mIj0WFGAVGxNpBx4dAzZpNHgHE3cyKiYRZHw4LDQMY3x2aABpajU5VWd9YyNFOzgwIwxraiw+VzVxYyYMa2J2ZB9pfmtiFy9xdHZFKi0ibQB8PDEkXWd9c2gEY35yaAVodHVg
104.21.27.111204 No Content 0 B URL GET HTTP/3 thycantyoubelike.com/UDFaTEV/Djk/eB9mIj0WFGAVGxNpBx4dAzZpNHgHE3cyKiYRZHw4LDQMY3x2aABpajU5VWd9YyNFOzgwIwxraiw+VzVxYyYMa2J2ZB9pfmtiFy9xdHZFKi0ibQB8PDEkXWd9c2gEY35yaAVodHVg
IP 104.21.27.111:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UDFaTEV/Djk/eB9mIj0WFGAVGxNpBx4dAzZpNHgHE3cyKiYRZHw4LDQMY3x2aABpajU5VWd9YyNFOzgwIwxraiw+VzVxYyYMa2J2ZB9pfmtiFy9xdHZFKi0ibQB8PDEkXWd9c2gEY35yaAVodHVg HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 05 Jun 2023 01:17:23 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQL4C7pUxuuc7Q4zg0%2BvywHy2i7Qgs7DDrqlax%2B4QQQppTVQZTG3j4QkF97mfu9rOLsfRdZX2vdYaX2r0lba32%2FGtYnwbxfXidVH0xXaSuea%2BDAQW%2BK8nIu2VzaonS8TRa0ex75hyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935c9e2eb523-OSL
alt-svc: h3=":443"; ma=86400
c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
104.19.159.19302 Found 0 B URL GET HTTP/2 c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
IP 104.19.159.19:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:9A:A5:22:8B:F5:F4:56:F1:AD:3B:51:E0:FC:76:DF:3C:9F:C4:26
ValidityFri, 31 Mar 2023 00:00:00 GMT - Fri, 29 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?gdpr=0&gdpr_consent=&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP/1.1
Host: c3.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://id.a-mx.com/set?uid=b7510511-d1b4-4af8-8bab-dc7e1a39b8a0&gdpr=0&gdpr_consent=&us_privacy=null
access-control-allow-origin: null
access-control-allow-credentials: true
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935d5fddb4f9-OSL
X-Firefox-Spdy: h2
nedukeration.info/YzlROUECWzJUfgIEMx80EVVsHHMlHGN/JVJMKQByAVwjADcPTiUXIg9WJF0nEVY/TW8NXCUccyUOM1MDAm0XbA87QwBIIAtJC2kvJUoJXg8KXwZjCDRQOlMOGw0fchMMQRhXDBVyK150IV49SAgxawRjchtDEFUEU3JjUQg1bQBPICUBBnY4BAoEThNbdhJsAzQLMg8OBFU3chIuVRYIGApYOHgRJ20yUw0UXTJ3KFJOCXEbFWA8bw0iVCFSDTUBE19yW2ECTgsScBVOADFqG0kbUgwYYC8McgZ4E0YLF185B3UQVC5GCxNwcRB9FgpwD28pDDA5YRNaACcUYUkPBG83X3JXbQl4AxFfFm8nIn4lSRtSDAZ0O1dOEn95ClgGWi4ibiUAJFINBnVyJVJ3UzIMVyEEMjVdHXo0BFQGDxI
54.230.111.79200 OK 1.2 kB URL GET HTTP/2 nedukeration.info/YzlROUECWzJUfgIEMx80EVVsHHMlHGN/JVJMKQByAVwjADcPTiUXIg9WJF0nEVY/TW8NXCUccyUOM1MDAm0XbA87QwBIIAtJC2kvJUoJXg8KXwZjCDRQOlMOGw0fchMMQRhXDBVyK150IV49SAgxawRjchtDEFUEU3JjUQg1bQBPICUBBnY4BAoEThNbdhJsAzQLMg8OBFU3chIuVRYIGApYOHgRJ20yUw0UXTJ3KFJOCXEbFWA8bw0iVCFSDTUBE19yW2ECTgsScBVOADFqG0kbUgwYYC8McgZ4E0YLF185B3UQVC5GCxNwcRB9FgpwD28pDDA5YRNaACcUYUkPBG83X3JXbQl4AxFfFm8nIn4lSRtSDAZ0O1dOEn95ClgGWi4ibiUAJFINBnVyJVJ3UzIMVyEEMjVdHXo0BFQGDxI
IP 54.230.111.79:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerAmazon
Subjectnedukeration.info
Fingerprint95:45:18:1D:79:D5:0F:7B:46:CF:15:61:D4:43:EE:1E:2D:89:79:A3
ValiditySun, 16 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 26423975a688415394e6d84347ceb40c
39e87cad37be3316695e8516f73be6bd64d1d85d
e55aad1fef08941f3bf1c2677fea6a42f6820a9d13bac9658da626bbfb27d0bc
GET /YzlROUECWzJUfgIEMx80EVVsHHMlHGN/JVJMKQByAVwjADcPTiUXIg9WJF0nEVY/TW8NXCUccyUOM1MDAm0XbA87QwBIIAtJC2kvJUoJXg8KXwZjCDRQOlMOGw0fchMMQRhXDBVyK150IV49SAgxawRjchtDEFUEU3JjUQg1bQBPICUBBnY4BAoEThNbdhJsAzQLMg8OBFU3chIuVRYIGApYOHgRJ20yUw0UXTJ3KFJOCXEbFWA8bw0iVCFSDTUBE19yW2ECTgsScBVOADFqG0kbUgwYYC8McgZ4E0YLF185B3UQVC5GCxNwcRB9FgpwD28pDDA5YRNaACcUYUkPBG83X3JXbQl4AxFfFm8nIn4lSRtSDAZ0O1dOEn95ClgGWi4ibiUAJFINBnVyJVJ3UzIMVyEEMjVdHXo0BFQGDxI HTTP/1.1
Host: nedukeration.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Mon, 05 Jun 2023 01:17:23 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LvlVl2h5-XwbNORhFoSNAWyVVp_XkLm45g22IPtyWsB-TuQVBlNeiA==
X-Firefox-Spdy: h2
send.cm/cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523
104.26.1.171200 OK 24 kB URL POST HTTP/3 send.cm/cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12366
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4; path=/; expires=Mon, 05-Jun-23 01:47:22 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkW0w5B6UXR5DN3fJue3T4nZTaKOlMgpiOJJN%2B0s4ntW2Sh7c3kkXQ2KnGuQ%2Ft5MpdLWknBko0X%2BpKp%2FBF84ui%2FaA72wUF3CWyBt4TjvZcUa2Y7g1pCUIqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935958a40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
my.rtmark.net/gid.js?userId=c9e9266de6914b04923c7478595b1c71
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=c9e9266de6914b04923c7478595b1c71
IP 139.45.195.8:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash 9afc2e277230c79d1a8a19fd95562aad
78a597eae0ecc5a4cfd48bcf8b715380f5b67c0e
b166f8bb155a5b2e8b333bbd1a81ae566dc18f80e99b8055c1024c75beff7c1b
GET /gid.js?userId=c9e9266de6914b04923c7478595b1c71 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://send.cm
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c9e9266de6914b04923c7478595b1c71; expires=Tue, 04 Jun 2024 01:17:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
d1ux93ber9vlwt.cloudfront.net/7bjBaTFUNXzQqahpZPnFsXgNifWZIWikjOx4NKRoxInMvKzg5BglqIRRUZ3xzAlE0K2hIVTQvaF8WOyg3UwR8OCUBW2c6OglfKSMlG1YiaiAPDTcjLwdcNi1wXHZvYmVLAmpkLV8Bf38XSwJqIDwARSJpZ15IYnoKWAR/fxdLAmo+I0sDG31lVx5qZXBcAD-0pNgVff34TXABrfGVfAGtpZ15WMz4wCF8iaWcoAWt9e14WL3Fk
54.230.245.177 492 B URL d1ux93ber9vlwt.cloudfront.net/7bjBaTFUNXzQqahpZPnFsXgNifWZIWikjOx4NKRoxInMvKzg5BglqIRRUZ3xzAlE0K2hIVTQvaF8WOyg3UwR8OCUBW2c6OglfKSMlG1YiaiAPDTcjLwdcNi1wXHZvYmVLAmpkLV8Bf38XSwJqIDwARSJpZ15IYnoKWAR/fxdLAmo+I0sDG31lVx5qZXBcAD-0pNgVff34TXABrfGVfAGtpZ15WMz4wCF8iaWcoAWt9e14WL3Fk
IP 54.230.245.177:0
File type ASCII text, with very long lines (667), with no line terminators
Hash 7e3af35daf4044e2e6de4851919eb72d
532c5c2f04191f1362c09c9e35a5d05fc3d165f3
5553be72451ee82f54d4fecbda32c5b3b4a7e49ddb15f11622387d9e8b2d1ecf
GET /7bjBaTFUNXzQqahpZPnFsXgNifWZIWikjOx4NKRoxInMvKzg5BglqIRRUZ3xzAlE0K2hIVTQvaF8WOyg3UwR8OCUBW2c6OglfKSMlG1YiaiAPDTcjLwdcNi1wXHZvYmVLAmpkLV8Bf38XSwJqIDwARSJpZ15IYnoKWAR/fxdLAmo+I0sDG31lVx5qZXBcAD-0pNgVff34TXABrfGVfAGtpZ15WMz4wCF8iaWcoAWt9e14WL3Fk HTTP/1.1
Host: d1ux93ber9vlwt.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedukeration.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 492
date: Mon, 05 Jun 2023 01:17:23 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e8JAI4tO5y0PiE-i0jIpdKttKxqVYIQKLmqkDCHTA5Fx4-lnMOYM4Q==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 400 B URL GET HTTP/3 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 67f29e98eeb5f0ca262d7188709f6a16
c16bf65b0d9d53247402681d5ba9ed068f09597a
669af2d4317f22d6234263b7cfe49e41814452a4d63f5be9c22e1086b88c2177
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
set-cookie: __Host-GAPS=1:m7lTHKltm9VdEalpkPxh4rvzRLWHmw:EUMIyNGKYdRB-5r0; Expires=Wed, 04-Jun-2025 01:17:23 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFo2pfqDLmhf55ma1nwGG0eosd5g1-fYYIcwUzagRNyHi5NooRpMj17XNGiybFTUNxbo8MNLQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Ccf4t6wo3gfV6MleuP1fMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/cdn-cgi/challenge-platform/h/g/scripts/pica.js
104.26.1.171200 OK 3.5 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (5640), with no line terminators
Hash 996860ac0a805d2c63563ef41c8fa40d
45e5d0876d4095a3978a7e3191f2734495d81711
3aed09b6df34c1bab2d9ecfe14291f93648e532965e40d4b43f6b77729665d8c
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4; _lr_retry_request=true; _lr_env_src_ats=false; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ba1086e4-631f-4c62-af46-91f0f00ba749%3A1%3A1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EyHS8lngAdTkkhDohByeXJvmT%2FAD%2Bhyn5YRM6PV1n1eTzSvkVxGp5TJg8XAQFycz0mB1wSFLXCnSo%2BhKXlulZKwJ0jqWnHo5fEA80FDhWufpNTqtK8XoXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935e09d70b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pl15995674.highrevenuegate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
173.233.137.44403 Forbidden 0 B URL GET HTTP/1.1 pl15995674.highrevenuegate.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP 173.233.137.44:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjecthighrevenuegate.com
FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14
ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: pl15995674.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 01:17:23 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
accounts.google.com/v3/signin/identifier?dsh=S-1828040628%3A1685927843929294&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFotMXfhrNU2hBLFUBbcoMWJBFG4S5PHAMQohKmIGYBQpKmnNFfLA2vCr9ah-rag0C-NqCbFA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 900 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1828040628%3A1685927843929294&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFotMXfhrNU2hBLFUBbcoMWJBFG4S5PHAMQohKmIGYBQpKmnNFfLA2vCr9ah-rag0C-NqCbFA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type gzip compressed data, max compression\012- data
Hash 1c1e92d2917478e21a4768edc8c3fcc4
4dbe70970c57cb22722076bb1f2d47c6444e927b
53e0913236fa2be893c3f2eb340690642c26766557d9eda3fe93d13745bab8d7
GET /v3/signin/identifier?dsh=S-1828040628%3A1685927843929294&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFotMXfhrNU2hBLFUBbcoMWJBFG4S5PHAMQohKmIGYBQpKmnNFfLA2vCr9ah-rag0C-NqCbFA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-9wj_9TSWAFm4CpVcEaFFxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.84.158 0 B URL prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.84.158:0
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Jun 2023 01:17:37 GMT
server: envoy
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
X-Firefox-Spdy: h2
send.cm/cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523
104.26.1.171200 OK 6 B URL POST HTTP/3 send.cm/cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d24934ebfa7b523 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12366
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4; _lr_retry_request=true; _lr_env_src_ats=false; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ba1086e4-631f-4c62-af46-91f0f00ba749%3A1%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=wsMm_ArGoHdEBjcluvQ3KKDOedCkCcgHGpbQUkw55C4-1685927843-0-AZCcfwZNPVWgbMjbCeYe656thLyutKbzKKlGVTeiI0oF9uXyk3L8fZNGWKTPThDhT8aQQTjMsNpswkyfFH2k1U+0ERp8SWmf4LbZtAmhJ0Ii; path=/; expires=Mon, 05-Jun-23 01:47:23 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcEqfJ0Tyngn%2FTh4wD3wdKQTyclR%2BAiTAebJIYM2nrnUMlw9Uzr%2FKw8ymHbBdd3F6ZOypelHI7G7CDkPgjKWZK4ojYHR1cvyGoi7gxgaxRtgbuOWb%2Fr98M0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935f6a240b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
s.seedtag.com/cs/st/s
34.149.50.64 0 B IP 34.149.50.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/st/s HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.seedtag.com/
Cookie: st_uid=b889e265-1d9b-4a19-baef-382a84a2fb6a; st_ssp=Y291bnRyeV9uYW1lPU5vcndheSZjb3VudHJ5X2lzbzI9Tk8mY291bnRyeV9pc28zPU5PUiZyZWdpb25fbmFtZT1Pc2xvIENvdW50eSZyZWdpb25faXNvMj0wMyZjaXR5X25hbWU9T3NsbyZsb25naXR1ZGU9MTAuODU5JmxhdGl0dWRlPTU5Ljk1NSZ6aXA9MTI5NA==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
server: openresty
date: Mon, 05 Jun 2023 01:17:38 GMT
set-cookie: st_csd=1685927858471:1685927858471; Max-Age=31104000; Domain=.seedtag.com; Path=/; Expires=Thu, 30 May 2024 01:17:38 GMT; Secure; SameSite=None
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cs.seedtag.com/cs.html?pt=9478-5022-01&pc=US
104.18.132.145 16 kB URL cs.seedtag.com/cs.html?pt=9478-5022-01&pc=US
IP 104.18.132.145:0
Hash 9b521f3428ed8d33a7522513dca0df36
605897547ddf24ed30f7fd72013c383f6fadb24c
3bf9caa58354de9eedff2b28e615a1902d351c320c261a78c948ddc51e3710dc
GET /cs.html?pt=9478-5022-01&pc=US HTTP/1.1
Host: cs.seedtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: st_uid=b889e265-1d9b-4a19-baef-382a84a2fb6a; st_ssp=Y291bnRyeV9uYW1lPU5vcndheSZjb3VudHJ5X2lzbzI9Tk8mY291bnRyeV9pc28zPU5PUiZyZWdpb25fbmFtZT1Pc2xvIENvdW50eSZyZWdpb25faXNvMj0wMyZjaXR5X25hbWU9T3NsbyZsb25naXR1ZGU9MTAuODU5JmxhdGl0dWRlPTU5Ljk1NSZ6aXA9MTI5NA==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:38 GMT
content-type: text/html
x-guploader-uploadid: ADPycdvcZfat-9zmjN3BLSxACa6UgUBssHb7baYaEMLW59uDn4Pinm_9UhddmuQpsLxUeiparLLyk1baGMk6RhNkRdCRIQ
cache-control: public, max-age=86400
expires: Tue, 06 Jun 2023 01:17:38 GMT
last-modified: Wed, 08 Mar 2023 10:28:58 GMT
etag: W/"5569cfba858088582379bf121d2d4bd2"
vary: Accept-Encoding
x-goog-generation: 1678271338915712
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15362
x-goog-hash: crc32c=m1+WFQ==, md5=VWnPuoWAiFgjeb8SHS1L0g==
x-goog-storage-class: REGIONAL
cf-cache-status: HIT
age: 324
server: cloudflare
cf-ray: 7d2493ba4e2b0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
47.252.78.131 0 B URL event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
IP 47.252.78.131:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie/seedtag?partner=seedtag&cookieid= HTTP/1.1
Host: event.clientgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.seedtag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 05 Jun 2023 01:17:38 GMT
content-length: 0
location: https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk8be4728c5fdf41db9f4a9dba8c11826a
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
set-cookie: mkuuid=mk8be4728c5fdf41db9f4a9dba8c11826a; Domain=.clientgear.com; Expires=Sat, 02-Dec-2023 01:17:38 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk8be4728c5fdf41db9f4a9dba8c11826a
34.149.50.64 0 B URL s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk8be4728c5fdf41db9f4a9dba8c11826a
IP 34.149.50.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/cookiesync/yeahmobi?channeluid=mk8be4728c5fdf41db9f4a9dba8c11826a HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.seedtag.com/
DNT: 1
Connection: keep-alive
Cookie: st_uid=b889e265-1d9b-4a19-baef-382a84a2fb6a; st_ssp=Y291bnRyeV9uYW1lPU5vcndheSZjb3VudHJ5X2lzbzI9Tk8mY291bnRyeV9pc28zPU5PUiZyZWdpb25fbmFtZT1Pc2xvIENvdW50eSZyZWdpb25faXNvMj0wMyZjaXR5X25hbWU9T3NsbyZsb25naXR1ZGU9MTAuODU5JmxhdGl0dWRlPTU5Ljk1NSZ6aXA9MTI5NA==; st_csd=1685927858471:1685927858471
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
server: openresty
date: Mon, 05 Jun 2023 01:17:39 GMT
set-cookie: st_cs=qfAdZz1f+5BB4+eNouBUF5joFDJNA3CQ/Qm93Xn+X+RD2e1qAWs5wMXtVly5ACpBqmU4xNuxyRz3nEIC8TDnPg==; Max-Age=31104000; Domain=.seedtag.com; Path=/; Expires=Thu, 30 May 2024 01:17:39 GMT; Secure; SameSite=None
st_csd=1685927859041:1685927859041; Max-Age=31104000; Domain=.seedtag.com; Path=/; Expires=Thu, 30 May 2024 01:17:39 GMT; Secure; SameSite=None
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
addresseepaper.com/sfp.js
0.0.0.0 0 B URL GET addresseepaper.com/sfp.js
IP 0.0.0.0:0
Requested by https://send.cm/rme53wzr0vbh
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
104.26.1.171200 OK 74 kB URL GET HTTP/3 send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Hash 418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
GET /lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-length: 74256
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: "12210-5ae64b14b0680"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-control: max-age=259200
cf-cache-status: HIT
age: 759
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRbCKdyWXNH5K7HwMsVsOk38B6ncVRC5TMJ8rVfkPc%2FfiJ7YJf0%2BzOukw0hApuMSc7uhDomWLjlozTyebaMexWg%2FPdfaviDcdP71s21I7dQEkisIpUkNroc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2493556f890b3d-OSL
alt-svc: h3=":443"; ma=86400
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl7f8pcuunw9813c05aq2f&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=3769663664250089
62.122.171.6200 OK 3.7 kB URL GET HTTP/2 godpvqnszo.com/get/1951167?zoneid=1951167&jp=_cl7f8pcuunw9813c05aq2f&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=3769663664250089
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with very long lines (4062), with no line terminators
Hash 73ec838e504a5e2362ddf1f17cdc8dc2
e54b0f52e2dd6b0fa3605efe5501e08317a3e135
de606135931b1ed56cf406338d3d0fa39c597483f25a0e157b9177cf7e17442e
GET /get/1951167?zoneid=1951167&jp=_cl7f8pcuunw9813c05aq2f&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=3769663664250089 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=23060420170df94f6757b942e3bf2b4a018d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
62.122.171.6200 OK 85 kB URL GET HTTP/2 godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with very long lines (64959)
Hash 0812a8bf5c1c1e239ff337a622c7a89b
50eebe8ff4820f3553c38ef1f63dcf94bb8e9bfb
8f3aea3e305a912052f8c54fce21ca754f095ded9d35a9c1684b846376dc5e65
GET /aas/r45d/vki/1951167/a6cdd247.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=23060420170df94f6757b942e3bf2b4a018d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 08:36:45 GMT
vary: Accept-Encoding
etag: W/"645ca91d-14c36"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 102 kB IP 172.64.107.19:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3512
last-modified: Mon, 05 Jun 2023 00:18:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3saeBrsZwV%2FYRcrYbl2GqQKez3JSLkcy3rVIbUvMKic32pWIp78WJuVGXIleMajJX3PFdB%2B0e41Z2DeZzEX1NHyTkPByrWx3%2Bu04j5He2GJk5NrKmO4fmh2JTNt41Q1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d249359c93074e5-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
zaltaumi.net/tag.min.js
139.45.197.245200 OK 74 kB IP 139.45.197.245:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjectzaltaumi.net
Fingerprint57:47:89:EC:7A:08:33:7D:ED:F4:37:24:B3:24:91:B8:7C:84:94:61
ValiditySun, 02 Apr 2023 14:38:42 GMT - Sat, 01 Jul 2023 14:38:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 108831d56861ea0ee92dd3bbcb128e7c
35f1b3aae946f0ed3b5c607a30165f4eebfaed2b
ada0b5209a666e8a22bb806893202d4ce19cb37ce808654a9fcdfb3261310e1e
GET /tag.min.js HTTP/1.1
Host: zaltaumi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/javascript; charset=utf-8
content-length: 23674
content-encoding: br
x-trace-id: b5451fe8cb1a52c2dce7d5550172ca0c
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 02 Jun 2023 11:24:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cloudflare.com/cdn-cgi/trace
104.16.132.229200 OK 260 B URL GET HTTP/2 cloudflare.com/cdn-cgi/trace
IP 104.16.132.229:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectcloudflare.com
FingerprintE4:16:7D:83:53:22:5B:0A:33:45:12:04:A9:A5:19:F3:02:9E:5B:60
ValidityFri, 07 Apr 2023 00:00:00 GMT - Thu, 06 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c87c69d7ba5244f81d06abd10a68c67e
55e950633230729b77e63755d3f92e716d0b76b0
33655ff619ee285cfe58edf07fd5b11bec8a930326366e2942718da8c27a6506
GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7d249352fcfcb51b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1275843394%3A1685927842865394&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneH-uJ5wECa5GhXTZcxUL_vj0dPcCswLcAeb2pOnc5KvDceHor0pzZzIFKHKIqULUPBEBNjmQQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S1275843394%3A1685927842865394&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneH-uJ5wECa5GhXTZcxUL_vj0dPcCswLcAeb2pOnc5KvDceHor0pzZzIFKHKIqULUPBEBNjmQQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S1275843394%3A1685927842865394&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneH-uJ5wECa5GhXTZcxUL_vj0dPcCswLcAeb2pOnc5KvDceHor0pzZzIFKHKIqULUPBEBNjmQQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-DVhtjvCPsDyOj-ZMwC5n1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint7A:FE:A8:C4:0F:E7:3E:DE:00:43:83:43:39:F5:0A:1A:CC:D5:74:0E
ValidityFri, 19 May 2023 12:58:14 GMT - Fri, 11 Aug 2023 12:58:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:iJqfkygKHWu_qivnk-RaHg_dKAVQzA:vbh4dRUHchYvd_5V; Expires=Wed, 04-Jun-2025 01:17:22 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:22 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGYLI-XZcR36TrXyfEReHpVusj_BCCjl2DUTs1OQDDYB3s1QbnM9egfq5VWKmCULU7g-xschQ
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-XkbWMceBXn9l8-c2O0hq-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
104.26.1.171200 OK 6.8 kB URL GET HTTP/3 send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (7103), with no line terminators
Hash 3a4e6fe620850879f073fbeb7d915969
1ea842aabcf1d80ffd383b84c8da0650baefc68f
5a072970160446a139243170334741139bd414e1285dfd785bd552db7c263f80
GET /lib/@fortawesome/fontawesome-free/css/fa.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jan 2022 10:52:41 GMT
etag: W/"1a60-5d6de95650b32-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:34:28 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD2R%2FXMqCsaICZ%2Fpdk7tegARbnl0G4D%2BAGnlj6hyVAOgBorr24LrILv927uuQkJYNa8B32WGPBpquARz4YHXF7kvWIB6y%2BC1ZuNaC0eDb0pVCXISnBnIboA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350ee1f0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGXV36ODAkxxCqeRs3t3NXE8rf3wZsr6H404KTzRJFiGbaeSN_5lanYLZ12-OJkKW1TtnVftg
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGXV36ODAkxxCqeRs3t3NXE8rf3wZsr6H404KTzRJFiGbaeSN_5lanYLZ12-OJkKW1TtnVftg
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGXV36ODAkxxCqeRs3t3NXE8rf3wZsr6H404KTzRJFiGbaeSN_5lanYLZ12-OJkKW1TtnVftg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:8G1Ra7L1tR2-ZpIVM6MDmXkYe5CZ0Q:mUb5RYq2iTn9j2bR;Path=/;Expires=Wed, 04-Jun-2025 01:17:23 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1828040628%3A1685927843929294&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFotMXfhrNU2hBLFUBbcoMWJBFG4S5PHAMQohKmIGYBQpKmnNFfLA2vCr9ah-rag0C-NqCbFA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-RJEZ2_adiAdS9_AO-SXaVg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 402
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/lib/feather-icons/feather.min.js
104.26.1.171200 OK 66 kB URL GET HTTP/3 send.cm/lib/feather-icons/feather.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lib/feather-icons/feather.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"101aa-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:30:46 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1mRXI%2FRRuH5dUTh1rltCsLsm3Hei4b8A2fnaKG1vikrbPFs%2FD2mMtJ6hPZVKczfZWboeWeoqbXTZU55LJ4fYjl5yl5hVvq2%2F5UQOEK6ARv8BVjSWj0%2Bz80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350fe290b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.1.171302 Found 27 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 05 Jun 2023 01:17:22 GMT
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3Ga4yEDMxMOcmNgy2L3MYQXzUkHDmcqjiYd%2FdboFVpOnAmUeQqXIeVpipcAVBCaZokoBdiOoRazoisIVyiR3dZnXX97BsgauA2bYitUAn%2Fl6m8FxO4YlJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493556f8a0b3d-OSL
alt-svc: h3=":443"; ma=86400
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_clbzl6em6q1x9oq2hnrh8d&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=6865888408059099
62.122.171.6200 OK 3.7 kB URL GET HTTP/2 godpvqnszo.com/get/1951167?zoneid=1951167&jp=_clbzl6em6q1x9oq2hnrh8d&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=6865888408059099
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with very long lines (4062), with no line terminators
Hash 6a9f4d1f129fc0d86da22410197a8192
632eb47e99ef09ee27b2b8c983955342f787dc99
c235b6131ee49a42b6db329964526cc74a8a7f4fb5fed77b090d40453430fe2d
GET /get/1951167?zoneid=1951167&jp=_clbzl6em6q1x9oq2hnrh8d&nojs=0&ix=0&abvar=0&febuild=1.0.102&t=0&x=1280&y=1024&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=1&cid=6865888408059099 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23060420170df94f6757b942e3bf2b4a018d; Path=/; Expires=Tue, 04 Jun 2024 01:17:21 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 27 B IP 172.64.107.19:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1e30d6126a559db30ab5c334743b313f
4e67b9853778746b02b2837189091accba9e41ed
b9d3eb33eef13948641a1d0d4dacd83224491a5684adfb4e2507e49e8b05a8dd
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: text/plain
set-cookie: csu=2029701810478423@1@1685927842; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhTvCrHyex%2Ffj%2BhJ3DCYgqsbNFGQ3FEESqP5vdQcEIbLZcibDZEOCPs6JbEmP37H5N7moP3K5srQHbqKo7E1G3mrIt2fIvTAbMNPVVOUzhzmqxrKqg6g%2BKsckDOHp8fZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249359c93374e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/openrtb2/prebid
37.252.171.22204 No Content 0 B URL POST HTTP/1.1 ib.adnxs.com/openrtb2/prebid
IP 37.252.171.22:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /openrtb2/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2930
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.21.3
Date: Mon, 05 Jun 2023 01:17:22 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://send.cm
AN-X-Request-Uuid: 28d8cb0e-73a2-4257-9f6b-20904795ee16
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
zaltaumi.net/5/4277204/?oo=1&aab=1
139.45.197.245200 OK 2.7 kB URL GET HTTP/2 zaltaumi.net/5/4277204/?oo=1&aab=1
IP 139.45.197.245:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjectzaltaumi.net
Fingerprint57:47:89:EC:7A:08:33:7D:ED:F4:37:24:B3:24:91:B8:7C:84:94:61
ValiditySun, 02 Apr 2023 14:38:42 GMT - Sat, 01 Jul 2023 14:38:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2979), with no line terminators
Hash 9a8dce2fa267f84a9838ef7d9957e4cc
4e3b4f232932d726625785c9d9b96b182a67ff6e
9adfb559817033da35e47898ebe24d742326fe2d1ce824e94be3da6762638a99
GET /5/4277204/?oo=1&aab=1 HTTP/1.1
Host: zaltaumi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/json
x-trace-id: 22665a4fc0a4ea9745370b4e92ba4966
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c9e9266de6914b04923c7478595b1c71; expires=Tue, 04 Jun 2024 01:17:23 GMT; path=/; secure; SameSite=None
oaidts=1685927843; expires=Tue, 04 Jun 2024 01:17:23 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
send.cm/static/js/clipboard.min.js
104.26.1.171200 OK 9.0 kB URL GET HTTP/3 send.cm/static/js/clipboard.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type Unicode text, UTF-8 text, with very long lines (9258), with no line terminators
Hash db9c29b300b6e957b611f437fe482b0c
a7ca1b86b66aa417e5ded8bddf571bd28775d7d1
02b7776bbff33fa250331338c8a085b5447d8575283a7943519c56f72215b2b2
GET /static/js/clipboard.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Dec 2022 18:00:20 GMT
etag: W/"234a-5efcd82834534-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:42:27 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk71rJBdWXM4Yozgj6%2BZsh9d32m%2FlHqeBK0Ql0ey8yvwIN3bwSiL0bwbQ2knFMQqYJ1g4ltU97R%2BhhVDLydi8VE2P%2BzKfUYsGuMZbDUVDd0sbXSBfJtNEJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493556f860b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
set-cookie: __Host-GAPS=1:irM_edwFx558U50UYaf2aVsRl2Rw7g:htsnGzNqyC3bgQMP; Expires=Wed, 04-Jun-2025 01:17:23 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGXV36ODAkxxCqeRs3t3NXE8rf3wZsr6H404KTzRJFiGbaeSN_5lanYLZ12-OJkKW1TtnVftg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-q8q6ErgtNlo5GplmnArrDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dismantlepenantiterrorist.com/pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1
0.0.0.0 0 B URL GET dismantlepenantiterrorist.com/pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1
IP 0.0.0.0:0
Requested by https://send.cm/rme53wzr0vbh
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
dismantlepenantiterrorist.com/pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1
0.0.0.0 0 B URL GET dismantlepenantiterrorist.com/pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1
IP 0.0.0.0:0
Requested by https://send.cm/rme53wzr0vbh
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=ba1086e4-631f-4c62-af46-91f0f00ba749&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=1 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
send.cm/favicon.ico
104.26.1.171200 OK 65 kB IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 64x64, 32 bits/pixel\012- data
Hash 22dab3b36a487940c539e179b7edd7ea
ad1d193daab9eb56c4d27b10e0f0638307c262cc
b64c225956915ee8b619ea190276ebe838880d3a16793a5614487e8be5b5d3bf
GET /favicon.ico HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
etag: W/"fcae-5ae64b15a48c0"
expires: Mon, 05 Jun 2023 01:36:08 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgkiRTuitdz3PhI5ZfgUC%2F5GQoy0TaOUfWd992BCClNZorP84Xqa1wFa%2Bi0Ft5cM%2Bu3IbFFeMOqTeKqpxjExgPzoDEe01wZP5pLHRJ1a%2BmuooopHOxd5rhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935928960b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
172.67.23.234200 OK 141 B URL GET HTTP/2 id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
IP 172.67.23.234:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB5:9E:06:D8:8A:F4:6D:CC:E3:9D:4E:09:8B:28:E7:06:4F:08:42:44
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash afd540bc532b5529e7ed041933991216
7e09d96e32d85de42a61d1880f91c9a4e3ae7e39
c7c9d2095142fa196181f2035aa45d3ece18f1c2f6ac870cd31d8be234e144db
GET /api/v1/pbhid?partner_id=405&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/json
access-control-allow-origin: *
allow: POST, OPTIONS, GET
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935c8e1cb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
thycantyoubelike.com/popunder.gif
104.21.27.111200 OK 35 B URL GET HTTP/3 thycantyoubelike.com/popunder.gif
IP 104.21.27.111:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subjectthycantyoubelike.com
FingerprintEE:1F:4E:1B:ED:D1:D3:7C:D8:9A:87:62:4F:8A:C0:01:0C:0E:25:F4
ValidityThu, 01 Jun 2023 15:44:27 GMT - Wed, 30 Aug 2023 15:44:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: thycantyoubelike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 217540
last-modified: Fri, 02 Jun 2023 12:51:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qn6DcYC4PBiMvHl%2BQwRY3ULK8KEK7BdmqZc670AJFjHqA%2BM0yUIUFeHpKgYEkpP3mwVy%2F%2FQ5J8%2FqFCwz59%2FW%2FH1d4nFbVQK3MXkvCDXXhLyuQZkrqYYOmKqL6b8KwDNaLOG2Q91Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935d3e71b523-OSL
alt-svc: h3=":443"; ma=86400
send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
104.26.1.171200 OK 18 kB URL GET HTTP/3 send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (18216)
Hash 4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634
GET /lib/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"4773-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:18:28 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRvxwwvS%2BcNyprlCGMHYsK1aQsHYhgPNivDN3dXxEBmbZb0Ik8ZWhZodx561qZqJk64ocC%2BuC9v%2BNz1yBpCKd%2B0j2US5JyKBddqr4vEz3Jypv01xdNotSbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350fe2c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/static/css/auth.min.css
104.26.1.171200 OK 789 B URL GET HTTP/3 send.cm/static/css/auth.min.css
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (789), with no line terminators
Hash f095cdbc5703353ae870aa6fd1504bb8
395b5898fde4cb72dc30e7752bde4e68317fb299
d7091a28d7048b34315acc78d543eb1181751aec851df73f83da7d3b07081116
GET /static/css/auth.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: text/css
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Mar 2021 17:04:40 GMT
etag: W/"315-5be372d95fefb-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:25:01 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoiQYqcnsAG8KDz0bEI1cGh6D%2FxWdInpUXcZ1sL6dRTvOs9aFnNVwh0m%2FEXOhzqI3LVZRjpBWfnuNdHBFlIm%2BB1KnI70S5vXSW%2FR8d8NyeoZ3%2FAkKpHQxB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350ee220b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.1.171302 Found 24 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4; _lr_retry_request=true; _lr_env_src_ats=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 05 Jun 2023 01:17:23 GMT
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjKeY0EiqklWiTTeHc0AJTBJB65B9TYUf3qBwMFb7J4O9fWwglb3WggzQPMDoTROQCOGxuG7iJtXTekb4zcU%2BKh49BuQEZOH4ojjy1szoogMwXs%2BzvYus%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935cf9a00b3d-OSL
alt-svc: h3=":443"; ma=86400
send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
104.26.1.171200 OK 79 kB URL GET HTTP/3 send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (65297)
Hash a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /lib/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/javascript; charset=utf8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"1332b-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 01:30:57 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FwBGh222VbHUbeuGu6G%2B%2BmykZ%2FOQzvoTIhuv87Rn%2F423vQL%2FeJvDI3epxbFkS6a3aw2IpslcZTZMrspsDdwjdn7yp6MmW8kl3whj3%2Bi8986sZlMcTkCo3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2493556f840b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?dsh=S-1509056279%3A1685927843882320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFEo_panm6gI1pjXFaingaL_iVAcN2SRyWNTocwGeVdeXaWcXa0wmw_vsiw9s6qwCzaeXg2Tw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1509056279%3A1685927843882320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFEo_panm6gI1pjXFaingaL_iVAcN2SRyWNTocwGeVdeXaWcXa0wmw_vsiw9s6qwCzaeXg2Tw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-1509056279%3A1685927843882320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFEo_panm6gI1pjXFaingaL_iVAcN2SRyWNTocwGeVdeXaWcXa0wmw_vsiw9s6qwCzaeXg2Tw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-gL_LD3mEgVEH4XjTPfgwDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?dsh=S-1358606532%3A1685927842910313&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFtjcC8xARaK7J9Rg-vjt1898ei7CpV1mhWoBO7SksU3eYWYCTpCDCWFIa9-YhYBU72pBxPDg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1358606532%3A1685927842910313&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFtjcC8xARaK7J9Rg-vjt1898ei7CpV1mhWoBO7SksU3eYWYCTpCDCWFIa9-YhYBU72pBxPDg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-1358606532%3A1685927842910313&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFtjcC8xARaK7J9Rg-vjt1898ei7CpV1mhWoBO7SksU3eYWYCTpCDCWFIa9-YhYBU72pBxPDg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-jlmqEQDGCx-ZJdTAdXGMjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s.seedtag.com/c/hb/bid
34.149.50.64200 OK 7.3 kB IP 34.149.50.64:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerSectigo Limited
Subject*.seedtag.com
FingerprintD7:38:7D:87:90:5E:88:AC:D9:97:58:89:77:52:22:2C:08:05:47:92
ValidityWed, 29 Mar 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (7337), with no line terminators
Hash 74ea50c36de219ae39c1fc3f1ca05d50
991d4b56c52a301677936d756c249da767557d9a
940288c94899dd1338e952e3bf19a08a25a29551cc8fce194341f3f8993e5c64
POST /c/hb/bid HTTP/1.1
Host: s.seedtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 542
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Mon, 05 Jun 2023 01:17:22 GMT
content-type: application/json; charset=utf-8
vary: X-HTTP-Method-Override
set-cookie: st_uid=b889e265-1d9b-4a19-baef-382a84a2fb6a; Max-Age=31536000; Domain=.seedtag.com; Path=/; Expires=Tue, 04 Jun 2024 01:17:22 GMT; Secure; SameSite=None
st_ssp=Y291bnRyeV9uYW1lPU5vcndheSZjb3VudHJ5X2lzbzI9Tk8mY291bnRyeV9pc28zPU5PUiZyZWdpb25fbmFtZT1Pc2xvIENvdW50eSZyZWdpb25faXNvMj0wMyZjaXR5X25hbWU9T3NsbyZsb25naXR1ZGU9MTAuODU5JmxhdGl0dWRlPTU5Ljk1NSZ6aXA9MTI5NA==; Max-Age=2592000; Domain=.seedtag.com; Path=/; Expires=Wed, 05 Jul 2023 01:17:22 GMT; HttpOnly; Secure; SameSite=None
etag: W/"1c66-lHjYgu4R90Pm/8Ielf3R1Mf0fe4"
access-control-allow-origin: https://send.cm
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 102 kB IP 172.64.107.19:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Cookie: csu=2029701810478423@1@1685927842
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5296
last-modified: Sun, 04 Jun 2023 23:49:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfNRNRxopUPhGfGLSJw3sS%2BgjbwC5eQiexM4aBuNo%2F0yDAPw9Qdaie2kptk%2BJ%2BnlM3x4e3BINf3pnM%2FvKeCVnukPXQgI28fv3sLFi1pibqWCAzCpegnpVk8HJ1fTKclN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935c9d120672-LHR
alt-svc: h3=":443"; ma=86400
pogothere.xyz/
172.64.107.19200 OK 27 B IP 172.64.107.19:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1e30d6126a559db30ab5c334743b313f
4e67b9853778746b02b2837189091accba9e41ed
b9d3eb33eef13948641a1d0d4dacd83224491a5684adfb4e2507e49e8b05a8dd
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Cookie: csu=2029701810478423@1@1685927842
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: text/plain
set-cookie: csu=2029701810478423@2@1685927842; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://send.cm
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HmYE1un%2BPFrr6HftskSlf3GtxN9%2FL%2BGmMwdBZ9X8sa2rO0tB1d1XnSGNzv0cwg3Le7LSuQyglmZ8Ibl2MtVjW6kouT3OIciZsZCdmb7BbS7dZD%2BtS2z5ss8WZ%2FajiiK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935c9d110672-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.1.171200 OK 12 kB URL GET HTTP/3 send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHrGuxa1UsQ0m0VPpyqzI91s3rXF7K%2Fjcbjfo0V%2B0l0mAbd6v2MH7a1XZMQs1gb8LOAmyTjqgBvxnk8ZH9CTjIMpSLlZXWuguJ1zY7Zis8W%2BDQND9jvXMh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d249350fe2d0b3d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Jun 2023 01:17:21 GMT
cache-control: max-age=172800, public
content-encoding: gzip
send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.1.171302 Found 25 kB URL GET HTTP/3 send.cm/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz; _uc_referrer=direct; _pbjs_userid_consent_data=3524755945110770; _pk_id.1.43ee=c48c820d17e0627e.1685927841.; _pk_ses.1.43ee=1; __PPU___PPU_SESSION_URL=%2Frme53wzr0vbh; c_7hyj5tegwm4sd2=rme53wzr0vbh; __cf_bm=AKHND3.Ulzkz6hsQwkTEHYv2.r1VRyeXPuRYRjY1P2E-1685927842-0-ASqr6NpsEoguD2vxqKqvTViz+mbRDu9xPNae11N60uhAs0gY/QtMvr/6PJrutXJPQd9l50kYnSO2sMiikvQaG33pJZ5N9oYD46vBWdr69aw4; _lr_retry_request=true; _lr_env_src_ats=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 05 Jun 2023 01:17:23 GMT
cache-control: max-age=300, public
access-control-allow-origin: *
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKh5afCnYBQ2o5Gvnw3x5O0Cc%2BfDPThA9n6l%2BZur9IoAFHEQ9%2BomMsa%2BFdrP1j2gG4GOvEGhjBF%2FQ3RNO4Apiv7DJFjsHBvi8uetcDv5P3wcP2zexNbMQiQ%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=3R0HsA15sr2AePBTWDrpa7fEBhff0ABNFuJd6xZnl5w-1685927843-0-Aa7B28TEHS8SSOCjK3xprVY-39fb0tEBNmLjNUq_rr9qHiqnbYWvqo6_IOKthP1ETs0IhGXROiSY0sPIE_k7zzCq0gh7q4o51W1z1PbwnjRE5bjw6xdjsME2Xxs8e6TX8cmYg7IyNOLAXladHb1RdpU"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=3R0HsA15sr2AePBTWDrpa7fEBhff0ABNFuJd6xZnl5w-1685927843-0-Aa7B28TEHS8SSOCjK3xprVY-39fb0tEBNmLjNUq_rr9qHiqnbYWvqo6_IOKthP1ETs0IhGXROiSY0sPIE_k7zzCq0gh7q4o51W1z1PbwnjRE5bjw6xdjsME2Xxs8e6TX8cmYg7IyNOLAXladHb1RdpU; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 7d24935cf99f0b3d-OSL
alt-svc: h3=":443"; ma=86400
addresseepaper.com/sfp.js
0.0.0.0 0 B URL GET addresseepaper.com/sfp.js
IP 0.0.0.0:0
Requested by https://send.cm/rme53wzr0vbh
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
62.122.171.6200 OK 85 kB URL GET HTTP/2 godpvqnszo.com/aas/r45d/vki/1951167/a6cdd247.js
IP 62.122.171.6:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA3:18:81:46:21:23:25:D9:B2:A0:C9:DF:CC:95:3B:39:2C:75:77:82
ValiditySun, 05 Feb 2023 10:50:47 GMT - Thu, 03 Aug 2023 21:59:00 GMT
File type ASCII text, with very long lines (64959)
Hash 0812a8bf5c1c1e239ff337a622c7a89b
50eebe8ff4820f3553c38ef1f63dcf94bb8e9bfb
8f3aea3e305a912052f8c54fce21ca754f095ded9d35a9c1684b846376dc5e65
GET /aas/r45d/vki/1951167/a6cdd247.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript
last-modified: Thu, 11 May 2023 08:36:45 GMT
vary: Accept-Encoding
etag: W/"645ca91d-14c36"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
id.a-mx.com/set?uid=b7510511-d1b4-4af8-8bab-dc7e1a39b8a0&gdpr=0&gdpr_consent=&us_privacy=null
188.114.97.1200 OK 99 B URL GET HTTP/3 id.a-mx.com/set?uid=b7510511-d1b4-4af8-8bab-dc7e1a39b8a0&gdpr=0&gdpr_consent=&us_privacy=null
IP 188.114.97.1:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjecta-mx.com
Fingerprint93:1B:3E:6F:0C:42:D4:9E:E2:06:0B:31:BD:11:83:9D:CF:0D:0C:67
ValidityMon, 01 May 2023 03:57:58 GMT - Sun, 30 Jul 2023 03:57:57 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 721cedce0ea79ef6a4d8f9e4a7f78b06
03a8f9b2ac1fed902c30cfd17c668f4b25fdedf1
4ac1e78b035065b1c069ebb0db0cd4cc17bb532fbe257f8df21beb462ae44fd2
GET /set?uid=b7510511-d1b4-4af8-8bab-dc7e1a39b8a0&gdpr=0&gdpr_consent=&us_privacy=null HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Content-Type: text/plain
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/json
access-control-allow-origin: null
set-cookie: amuid2=b7510511-d1b4-4af8-8bab-dc7e1a39b8a0; Domain=a-mx.com; Path=/; Expires=Tue, 04 Jun 2024 01:17:23 GMT; Secure; SameSite=None
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBmchfp80FQNzjPjHpIPc%2BCPEjMbnKF2A6CA02UKBXdY9JOzpt5dyz3d%2BFpc5rJGRDsOlrgnMpPSQzvba0YP6efXYGYM%2F55UmRn7JfLp8lGX9lgAufhidt0z0AHkWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d24935e0a8fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGn5CFsH3xwnlWLsfzNHuA_rZs2wKmSu7ej9hYh6xLZMh-BJWVXh6RvAVtp2-ESOQ6nHpF0Yw
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGn5CFsH3xwnlWLsfzNHuA_rZs2wKmSu7ej9hYh6xLZMh-BJWVXh6RvAVtp2-ESOQ6nHpF0Yw
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneGn5CFsH3xwnlWLsfzNHuA_rZs2wKmSu7ej9hYh6xLZMh-BJWVXh6RvAVtp2-ESOQ6nHpF0Yw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ZkUqij_f8ztmzqPYRRjth8X0upCosQ:hiBhUnPGzzL419jA;Path=/;Expires=Wed, 04-Jun-2025 01:17:22 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1275843394%3A1685927842865394&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneH-uJ5wECa5GhXTZcxUL_vj0dPcCswLcAeb2pOnc5KvDceHor0pzZzIFKHKIqULUPBEBNjmQQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-u-qE-aa2awRkQKD9X-Q16w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
barnes.send.cm/s.js
104.26.1.171200 OK 66 kB IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (63519)
Hash e5461eb0cef4256771e360d6306c3033
f31a23f1e2d15a7a03992010c359833efba3e6b8
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
GET /s.js HTTP/1.1
Host: barnes.send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=65842
etag: W/"10132-5fa39a5b1cdd7"
last-modified: Wed, 26 Apr 2023 09:13:03 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cache-control: max-age=259200
cf-cache-status: HIT
age: 4614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0TFbccXPiR%2FEaGC%2FqohsjR7CaB5VlhGXlCdjktpddPkyy6YANi8s%2BWZ0dihAWb7EmYMblxpugung3AnlgydvdB0M0t1GInfmyYcKaUnZgRtUvVcOi8U%2BAbXZBZAY%2FZy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2493523e780b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=UA-3400026-25
142.250.74.72200 OK 122 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-3400026-25
IP 142.250.74.72:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Size 122 kB (122128 bytes)
Hash 9e8d20fb011df019b041b768ac406e9a
4884d56580ea678be1161303b427f1a8dab5c6c7
e6dc7e2f255940bb5d7537726e856701ee4133837249eea5a22a9f5b6f9fc934
GET /gtag/js?id=UA-3400026-25 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 01:17:22 GMT
expires: Mon, 05 Jun 2023 01:17:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Jun 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.hostip.info/get_json.php
172.67.129.45200 OK 102 B URL GET HTTP/2 api.hostip.info/get_json.php
IP 172.67.129.45:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerLet's Encrypt
Subjecthostip.info
FingerprintB2:23:7B:16:C8:AC:B7:DC:3A:6F:4B:8F:3D:F9:DB:B4:E3:FC:B6:84
ValidityTue, 16 May 2023 04:51:55 GMT - Mon, 14 Aug 2023 04:51:54 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 498534132300725e25df970e7ed16c98
c7952a865346582558a9301e461c3a3127b2594e
76fd08fc6780ba0c9001bb03ce8af924da37d2d60e5d021054ec1c41e95a60b0
GET /get_json.php HTTP/1.1
Host: api.hostip.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:17:23 GMT
content-type: application/json; charset=iso-8859-1
expires: Tue, 06 Jun 2023 01:17:23 GMT
last-modified: Mon, 05 Jun 2023 01:17:23 GMT
cache-control: public, max-age=86400
pragma: !invalid
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggwnw2zLNfTBZi%2FhLQrrPxr9bjJo6KH5rj8S2hZaWDkNRnJiRgQaSdFcWulDC2nabppsdF4wcKu9pJMaPZF5FZr3MiuSN78ZfvZnzCui083Mvn%2BSXIgXWYb9xJ3FMKbLFqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d24935c8c6d0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFo2pfqDLmhf55ma1nwGG0eosd5g1-fYYIcwUzagRNyHi5NooRpMj17XNGiybFTUNxbo8MNLQ
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFo2pfqDLmhf55ma1nwGG0eosd5g1-fYYIcwUzagRNyHi5NooRpMj17XNGiybFTUNxbo8MNLQ
IP 142.250.74.109:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&ffgf=1&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFo2pfqDLmhf55ma1nwGG0eosd5g1-fYYIcwUzagRNyHi5NooRpMj17XNGiybFTUNxbo8MNLQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://send.cm/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:AcgScFrADmf_5nSLU-zYkRrSoEcWpA:APrFIfxOcOLGPC0s;Path=/;Expires=Wed, 04-Jun-2025 01:17:23 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 01:17:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1509056279%3A1685927843882320&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneFEo_panm6gI1pjXFaingaL_iVAcN2SRyWNTocwGeVdeXaWcXa0wmw_vsiw9s6qwCzaeXg2Tw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-gdQU2IGGZ_c2cANx7p0Xpw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
send.cm/assets/js/dashforge.js
104.26.1.171200 OK 2.3 kB URL GET HTTP/3 send.cm/assets/js/dashforge.js
IP 104.26.1.171:443
Requested by https://send.cm/rme53wzr0vbh
Certificate IssuerGoogle Trust Services LLC
Subject*.send.cm
Fingerprint50:C3:E8:96:62:05:A0:39:C9:71:ED:17:C6:B6:F5:41:DA:FB:B7:49
ValidityTue, 11 Apr 2023 02:10:53 GMT - Mon, 10 Jul 2023 02:10:52 GMT
File type ASCII text, with very long lines (2286), with no line terminators
Hash 6c469db96744ab501de112c9fac8f15e
a9795764586d64d918bb8a433b1d3043a61a6a70
d7d2ab9143404f0500f004976b62f44516128747d69ef3994a9a18b479173efe
GET /assets/js/dashforge.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/rme53wzr0vbh
Cookie: aff=36954; lang=english; c_7hyj5tegwm4sd1=rme53wzr0vbh; __cflb=0H28uocK7xWY9ysKPCPVtXhRTgymPZnDmvxmhR3CyKz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:17:21 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=3370
etag: W/"d2a-5d2f044f765a3-gzip"
expires: Mon, 05 Jun 2023 01:30:57 GMT
last-modified: Sun, 12 Dec 2021 10:17:54 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVbVSZdapxya3STNhnWdnvq%2BkXHD9951ZrzX9yid%2BstDq4kxE8sqCY0sKOWHogzN7Ws5NedzS2vVPUw4HJnolgBG%2B7SvdOaAWi7atxYMp69A1curdZxniXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d249350fe2b0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400