Report - send.cm/d/kcu6

Report Overview

Visited public
2023-11-12 08:48:55
Tags
URL
send.cm/d/kcu6
Finishing URL
send.cm/d/kcu6
IP / ASN
104.26.0.171
#13335 CLOUDFLARENET
Title
hg0droczj53s

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
send.cm	338619	2019-03-18	2019-08-16 11:13:47	2023-11-11 17:41:29	13 kB	1.2 MB	104.26.0.171
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-12 07:34:31	340 B	942 B	54.230.218.11
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-11-12 05:19:07	420 B	414 B	35.157.63.144
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-12 00:39:19	393 B	28 kB	104.21.234.33
evidenceguidance.com	unknown	2023-09-27	2023-09-27 03:53:01	2023-11-11 03:24:43	458 B	1.1 kB	173.233.137.52
dismantlepenantiterrorist.com	17847	2021-11-01	2021-11-01 22:12:12	2023-11-11 16:07:28	745 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-11	medium	evidenceguidance.com	Sinkholed
2023-11-12	medium	dismantlepenantiterrorist.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	send.cm/static/js/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-10
Pretty URL send.cm/static/js/jquery.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-10 01:53 Times Seen879 Hash bdce12c949e78d570c8d44e9c2b23508 9afdc4fec954646bd6270caf82f107fdef605bc5 c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:52 Last Seen2024-08-20 19:52 Times Seen1 Hash 7bd785d2f04170a3289d3efb2ca69986 476252a9fb96cde0bacab18068df065bd57d65f8 dc7134ceb0d9b933031c10c1a1a7ebc0900a32339ef6b58f4a5557199b702d49 Loading...

	unknown	ScriptElement	258 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:17 Last Seen2024-08-21 09:31 Times Seen59 Hash 142706d0b3bdf389d89ca29074552cf4 30eb7f76871c57befd3689498c3786aa35bc0729 8dfddd06ce7e1a1eb0cc9c570c85b6f73a734e01e25e756d4625e69fcf98dd02 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2023-11-12	2023-11-12
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-12 09:48 Last Seen2023-11-12 09:48 Times Seen1 Hash 1eda134d703a53b727aef8ef88339b37 b1f96c578e03da8bba74a0e1eb1ba7660d952bcf dfd8c7d70e27c38d23ebe65756d3b5a20590a0e2b4f47b26d5c2f0ad3c628c7a Loading...

	send.cm/assets/js/dashforge.js	ScriptElement	2.3 kB	2023-03-07	2024-10-04
Pretty URL send.cm/assets/js/dashforge.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:15 Last Seen2024-10-04 10:18 Times Seen131 Hash 6ede26a7d7238a4ed67bcbdb67b30bb6 581c80a8cfec9844478e3b99b7774221c78d2be9 ccc7d942a1cfa3c238044a4885889799d7b215b5b29b2c48f5db28bececc2040 Loading...

	send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js	ScriptElement	18 kB	2023-03-07	2025-05-09
Pretty URL send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-05-09 21:58 Times Seen1997 Hash 4a10bcfa0a9c9fa9d503b5a498cac31e c4f6c403e99fb37cb496c3844b332823db7c5837 a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634 Loading...

	send.cm/js/share.js	ScriptElement	329 B	2023-03-07	2025-01-01
Pretty URL send.cm/js/share.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-01-01 04:31 Times Seen386 Hash e38522ef9b2fe6940894f9f35a29f407 d5227e21fbae55e23bd87bf084a4049e797d0775 59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208 Loading...

	send.cm/lib/bootstrap/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-05-08
Pretty URL send.cm/lib/bootstrap/js/bootstrap.bundle.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 06:28 Times Seen5191 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	unknown	ScriptElement	70 kB	2023-11-07	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-07 03:59 Last Seen2024-08-20 20:36 Times Seen9 Hash 589218572a57c5c7ff05c6c46963f08d 1885d9b8d87ea07d10f55a34f5f35aff25ce195e a52d861d04844d4a3623e2930c8f04d79c918dce16e9a19e8e19e9597d899647 Loading...

	send.cm/static/js/clipboard.min.js	ScriptElement	9.0 kB	2023-03-07	2025-05-09
Pretty URL send.cm/static/js/clipboard.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41 Last Seen2025-05-09 21:10 Times Seen795 Hash ad98572d415d2f2452845a6068a913c0 6674f81dd01c76be986cf0a8172d1073e56d7ef4 baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1 Loading...

	send.cm/lib/feather-icons/feather.min.js	ScriptElement	66 kB	2023-03-07	2025-05-10
Pretty URL send.cm/lib/feather-icons/feather.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-10 00:24 Times Seen151 Hash 44dee7fbafd7dc2404fa62713a8398c2 34f8691360e3548d1c9c18534cb0ec38b5c63154 a90582369e8cfed7b41dca4758e2fbe09fccf55b89f0cd0b7d46efd0745db831 Loading...

	send.cm/d/kcu6	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL send.cm/d/kcu6 IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:52 Last Seen2024-08-20 19:52 Times Seen1 Hash 26c3e8cc5b4bc3bc368c9a6973690c6e 8bcc2077aa813e77c47bbc5a5e362d00a05829e4 075fb13ad8d5bbc07400f5aa148debc03b4be22b8baab6e53f449aa72e8c7d07 Loading...

	send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-10
Pretty URL send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 09:34 Times Seen31250 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-11-12	2023-11-12
Pretty URL send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.0.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-12 09:48 Last Seen2023-11-12 09:48 Times Seen1 Hash c33f9f869af439e9ba3f197166fbf3d2 ac6fe4a88a8629b401f32f1fea237137fd852284 c8ee306391f8053961df1ad675b0a21d62a80a2a0e8afe7f92adf3e425005bcb Loading...

HTTP Transactions (28)

URL IP Response Size

send.cm/qr/6M6KE

104.26.0.171

200 OK

341 B

URL GET HTTP/3
send.cm/qr/6M6KE
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
PNG image data, 135 x 135, 1-bit grayscale, non-interlaced\012- data
Size
341 B (341 bytes)
Hash
33b015dcec28af315582ff2417d01340
8974c4c8cbd34cc01820cc2fc87b4872314f7fca
fb29f1246683d62f56ee0949ccfcc78dca8eef3e6595de1f8a28f5da4bba21c6

HTTP Headers

GET /qr/6M6KE HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: image/png
content-length: 341
content-transfer-encoding: binary
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1V%2F%2FQ1MtO0y3ZZu1bE3NlPweTyglJ5wIzn7Oj2ccEU2ZoX%2FJAfrRGhgQ9cCulWii%2FCAUWUG4ojk6JejRRjTmU22SjAqlgs5zjKbEdFsEYFj4gEPSV%2FdehE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb84ab4eb-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/css/auth.min.css

104.26.0.171

200 OK

105 kB

URL GET HTTP/3
send.cm/static/css/auth.min.css
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (789), with no line terminators
Size
105 kB (105208 bytes)
Hash
f095cdbc5703353ae870aa6fd1504bb8
395b5898fde4cb72dc30e7752bde4e68317fb299
d7091a28d7048b34315acc78d543eb1181751aec851df73f83da7d3b07081116

HTTP Headers

GET /static/css/auth.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/css
last-modified: Tue, 23 Mar 2021 17:04:40 GMT
etag: W/"315-5be372d95fefb-gzip"
vary: Accept-Encoding
expires: Sun, 12 Nov 2023 08:42:51 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGQ7Ltj5lpI6pnT10dTB7v1VTWJ%2BkvijeJ6gJ9NA4kOo9XIg250QHodRU%2FwcsCKhGFh5%2BKrhrs5d5X0vyJ3s7Zah%2FeX544XyBWUnjTmHvIh9eQboyDN87mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb847b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/js/share.js

104.26.0.171

200 OK

74 kB

URL GET HTTP/3
send.cm/js/share.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text
Size
74 kB (74375 bytes)
Hash
e38522ef9b2fe6940894f9f35a29f407
d5227e21fbae55e23bd87bf084a4049e797d0775
59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208

HTTP Headers

GET /js/share.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=354
etag: W/"162-5ae64b15a48c0-gzip"
expires: Sun, 12 Nov 2023 08:29:59 GMT
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S%2BKEhU6QgBjc6NhLh2BQpTvIWmGk2zhtnL0jI4ssJYVXxwKULY3Io%2FlfMVSjelZUBWgMqZmrfhN93K3L1SR0%2BjVcrOrBzZBnpgmaIvQT3CL3CvALNEWq80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845f88ceb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js

104.26.0.171

200 OK

83 kB

URL GET HTTP/3
send.cm/lib/perfect-scrollbar/perfect-scrollbar.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (18216)
Size
83 kB (82884 bytes)
Hash
4a10bcfa0a9c9fa9d503b5a498cac31e
c4f6c403e99fb37cb496c3844b332823db7c5837
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

HTTP Headers

GET /lib/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abca-4773"
expires: Sun, 13 Aug 2023 21:42:47 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1479543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H4cDHCu99tSnPDaMLUzuUY5GbF7DdTIqJnCpGiV92Myup%2BO2ezjdD2ThmWT2GMuSijk%2Bhubyi2HtQjfckt36rp5digUGI%2Bw%2FsUEnH7b8455F%2F4UYM7SAZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb852b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff

104.26.0.171

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 81760, version 1.1\012- data
Size
82 kB (81760 bytes)
Hash
220843e2f1927e726e78ca63f426ce50
d86801f8452cda25025530f406773162decd1458
ae9310191397b69cd6dd015ba0c6f9d674f493d35384f29c9c7d23e3c7df0d24

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Medium.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: font/woff
content-length: 81760
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-13f60"
expires: Thu, 12 Oct 2023 16:43:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1566937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCLS6z2%2FCvuCHnlqTozH3Wf1EwDMvLHl68UlMVEGPTjHk4C55YIb6T8funvzhVMHV6OI0hOrU3c7zq9A3JBYaG3lE%2Fo0GOr9B5mH9kq9yqG3CgXlGxRU%2Fn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845ff95bb4eb-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff

104.26.0.171

200 OK

77 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 77420, version 1.1\012- data
Size
77 kB (77420 bytes)
Hash
2afba28a9ce96315436db858db163c47
550d4374a60527b4f68d4700019aaac11a9140a2
b51d665d9cfebb31a2b61491bf408a172a5791166a0eb99a57ae4a7acbcba0d4

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-Regular.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: font/woff
content-length: 77420
last-modified: Thu, 17 Sep 2020 12:29:21 GMT
vary: Accept-Encoding
etag: "5f6356a1-12e6c"
expires: Sat, 11 Nov 2023 16:43:34 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1310628
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4l5P5W%2FeSSE94HDYuyiN3IT5fQ2NyVzzjeLb2vPPBx9U9w46YSXFZsAXu7v9WVEPGea7c%2FRQM3d2%2FzE6XNiU54r6YusUOgNW9%2FvZ6Ak64qePV23W3uh%2BT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d8461aa7ab4eb-OSL
alt-svc: h3=":443"; ma=86400

send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff

104.26.0.171

200 OK

82 kB

URL GET HTTP/3
send.cm/static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format, TrueType, length 82076, version 1.1\012- data
Size
82 kB (82076 bytes)
Hash
dac78b0f1626eb1aa95d41b488e699c1
a377d0df34945fc45bdc030dc63139bd9cf28a2d
ee6d9467e82f91146b9f71f3ac572d66f4aeed0f261b30ef4765550edc11119d

HTTP Headers

GET /static/fonts/ibm-plex-sans/complete/woff/IBMPlexSans-SemiBold.woff HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/static/css/dl.min.css
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: font/woff
content-length: 82076
last-modified: Thu, 17 Sep 2020 12:29:20 GMT
vary: Accept-Encoding
etag: "5f6356a0-1409c"
expires: Sat, 11 Nov 2023 16:42:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1580067
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9mPlPmRwY%2BMzCMmIUyyZ8zvbtmfW9O%2B2jiLaoXozTbnaAI%2FFJpl1DspMYdn8OWuI8ARGo4Ci5yJtEZ75JyBMLaHzQTmEFHylXD1ypR7RexZ5lNORwVqsuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d84619a74b4eb-OSL
alt-svc: h3=":443"; ma=86400

send.cm/favicon.ico

104.26.0.171

200 OK

92 kB

URL GET HTTP/3
send.cm/favicon.ico
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 64x64, 32 bits/pixel\012- data
Size
92 kB (91848 bytes)
Hash
22dab3b36a487940c539e179b7edd7ea
ad1d193daab9eb56c4d27b10e0f0638307c262cc
b64c225956915ee8b619ea190276ebe838880d3a16793a5614487e8be5b5d3bf

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: image/x-icon
last-modified: Thu, 03 Sep 2020 08:39:39 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abcb-fcae"
expires: Sun, 13 Aug 2023 21:41:26 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1558624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozauIDyYHPnEFEqwZqYfXHgU%2FHFkkr0oL13NE6w8IV0CpBLHwiMUsjiPnhPoe3et0Qi0RXdO0Xob9k3UfILFJWChrvrJXSoREGmJSuwm3kA2DMy1vJdPaYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d8460398cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6cf7a5345e4ec800674fe8fc5b932bb8
8176599f5644ac359fa696a60935e7a053c01560
5a6d911ee4b21bfd1ecb4eb90d938a2fa11b4a745b97e193edfb1f4d84bf38b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 12 Nov 2023 08:48:38 GMT
Last-Modified: Sun, 12 Nov 2023 07:17:46 GMT
Server: ECAcc (ska/F790)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z6szfO5j0ylQGlhE4xH9JdOp_wg4ucsReJZPb_NaPjiPJzhe-iJXUA==
Age: 5452

professionalswebcheck.com/stats

35.157.63.144

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
35.157.63.144:443
ASN
#16509 AMAZON-02

Requested by
https://send.cm/d/kcu6
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f840ea91e39a4087523335fef38ba4fd
778ddd97096c721eba2cc068c2196757b3af1696
55c97f2fd570071696ac36bb5310bc9d3707d77e8267c4f71bc45d1408d4200d

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://send.cm
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=85745cb8-6b06-4c6e-8e9e-ae8702fc5493:2:1; expires=Wed, 09 Nov 2033 08:48:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.0.171

302 Found

408 B

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Size
408 B (408 bytes)
Hash
97f8d1e087ae7a645e52651c608571d2
f311de4d0740124d1dec0b8789bf95c08843719b
ae3c791a193b756d2c37eea1126c5363e35f4ba4223c1ce9fa7969fc4b5195cd

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sun, 12 Nov 2023 08:48:38 GMT
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtTUcEMBWXTGQN7e%2BD5vrOlHgOAyw0RsSP7gdJgIp4zF%2F0ssckw27XUSL6EcWE4RdbgE0KfFvPpCnBDVKFCDgmCLfbK%2FADg4cjynOJKWyxBYS3w1zrB2k4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d8460297eb4eb-OSL
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

104.21.234.33

200 OK

27 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
27 kB (27176 bytes)
Hash
2d0450888479d4ddda305bd96206b240
5b4595aab1cd3f854718e05db9be0c65a12ab2f6
44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 12 Nov 2023 08:48:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5e4e81ce60bb2e9d954a3c1fdaa0479f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 12 Nov 2023 08:48:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIbVWX8BSgY%2F73XZwPsHLrvy0ibl0XJxuToDhvQtA1u7JWukToDBQaUuL32aAxLdZRqJtPb%2Bm7fNTPxGIWXDiCbmtwqrt06RkcnzrfI4oSdyS%2F%2BPrz56y3xAfuZEd%2Bw6CQzjdxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 824d84689f08386e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css

104.26.0.171

200 OK

6.8 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7103), with no line terminators
Size
6.8 kB (6752 bytes)
Hash
3a4e6fe620850879f073fbeb7d915969
1ea842aabcf1d80ffd383b84c8da0650baefc68f
5a072970160446a139243170334741139bd414e1285dfd785bd552db7c263f80

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/css/fa.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 10:52:41 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61f7bf79-1a60"
expires: Sun, 13 Aug 2023 21:42:22 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1314353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTyUAoGIIIGEBV%2B4FL5UeiPsR0iRQ8Y7gB1awzVDASUo0LlHjlq%2BDMTYjxLuRxgNkugB1D4NK0CTUcbRQJGgBMhVZz53up%2Bzrr%2Fwe91Dg02ZSx7i3sopPmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb844b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/css/dl.min.css

104.26.0.171

200 OK

180 kB

URL GET HTTP/3
send.cm/static/css/dl.min.css
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
180 kB (179945 bytes)
Hash
3e85e3b581d51ddba21136119002fc2d
038a7216f7187936b4f4e5bee0975bf44e3e1449
dde25a807ebc087b35d1bbe9b3030ea528a52e414ce29a7894abd937bf67e7c6

HTTP Headers

GET /static/css/dl.min.css HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2023 13:24:21 GMT
etag: W/"2bee9-604c4c72211a7-gzip"
vary: Accept-Encoding
expires: Sun, 12 Nov 2023 08:26:50 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKSZ62zo015FAwZHze08pq%2F8%2FqGJCPBOgaBvaWTRHhNCQ9tTTjktcZH9ENAk%2BdmSLeK75VjorOBvKTozlagVba%2FQIp5qVxxgbJ41F%2FMywkiH8U%2FpkGTXxuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb846b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/lib/feather-icons/feather.min.js

104.26.0.171

200 OK

66 kB

URL GET HTTP/3
send.cm/lib/feather-icons/feather.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
66 kB (65962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lib/feather-icons/feather.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5f50abca-101aa"
expires: Sun, 13 Aug 2023 21:42:42 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1385642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG8Hjklh41fa2Fhy0ZsQ7itT42foRbum0u1G3u2%2BS50t4pDtDPYxIL3VhNEMSTd1hRJzqbEMSHRgej99iBh4GQJ3i1MbDz79TbiZ9zULUe7ZH0dh31vFwgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb84cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/js/clipboard.min.js

104.26.0.171

200 OK

9.0 kB

URL GET HTTP/3
send.cm/static/js/clipboard.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Unicode text, UTF-8 text, with very long lines (9258), with no line terminators
Size
9.0 kB (9034 bytes)
Hash
db9c29b300b6e957b611f437fe482b0c
a7ca1b86b66aa417e5ded8bddf571bd28775d7d1
02b7776bbff33fa250331338c8a085b5447d8575283a7943519c56f72215b2b2

HTTP Headers

GET /static/js/clipboard.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 14 Dec 2022 18:00:20 GMT
etag: W/"234a-5efcd82834534-gzip"
vary: Accept-Encoding
expires: Sun, 12 Nov 2023 08:34:13 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xfwavZi3iDlexGe2%2BJFdS1PrS8ChTIt6AwqZPtk5l9ILdD%2B067qnUhYlED7SEoM9H5YLdDUd6BDoFGv%2FkTn8rNqTnTb0tgMg9bAK6y8zpwDLcEyKr3LHEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845f78c9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/assets/js/dashforge.js

104.26.0.171

200 OK

2.3 kB

URL GET HTTP/3
send.cm/assets/js/dashforge.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (2286), with no line terminators
Size
2.3 kB (2271 bytes)
Hash
6c469db96744ab501de112c9fac8f15e
a9795764586d64d918bb8a433b1d3043a61a6a70
d7d2ab9143404f0500f004976b62f44516128747d69ef3994a9a18b479173efe

HTTP Headers

GET /assets/js/dashforge.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: max-age=259200
cf-bgj: minify
cf-polished: origSize=3370
etag: W/"d2a-5d2f044f765a3-gzip"
expires: Sun, 12 Nov 2023 08:38:44 GMT
last-modified: Sun, 12 Dec 2021 10:17:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFhrgrrj9MjG5KjTsI8u1WstQM5mOd8l9%2BqZ%2BaJTp4O5T22PB8KEoXJSON%2BLEJuTczjy8PVlH1zTRwNbwwW1N%2BXqEDuFS8Cwwqd1I1fHCwkwqr2gNOGePb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb850b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json

173.233.137.52

200 OK

408 B

URL GET HTTP/1.1
evidenceguidance.com/9c/ed/24/9ced2453f41586bc39632e754938332a.json
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://send.cm/d/kcu6
Certificate
IssuerLet's Encrypt
Subjectevidenceguidance.com
Fingerprint38:01:65:F0:F8:72:F1:97:B1:4C:8B:99:F6:DD:5C:EE:DF:2F:EE:D4
ValidityWed, 27 Sep 2023 00:51:09 GMT - Tue, 26 Dec 2023 00:51:08 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (496), with no line terminators
Size
408 B (408 bytes)
Hash
a588ced3ff9b745d94d7206a547404f3
3830f912a2a17edf41c4777414b9533ee1c3daef
0d1cb4237164461fd8ddc7187f30fd48ffa8dbb76b68abeeebef5f079584701d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9c/ed/24/9ced2453f41586bc39632e754938332a.json HTTP/1.1
Host: evidenceguidance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 12 Nov 2023 08:48:39 GMT
Content-Type: application/json
Content-Length: 408
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7574fb2ab7501d97eb7a5dccc341ac2d
Strict-Transport-Security: max-age=0; includeSubdomains

send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

104.26.0.171

200 OK

74 kB

URL GET HTTP/3
send.cm/lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Size
74 kB (74256 bytes)
Hash
418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

HTTP Headers

GET /lib/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://send.cm/lib/@fortawesome/fontawesome-free/css/fa.min.css
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: font/woff2
content-length: 74256
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: "12210-5ae64b14b0680"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-control: max-age=259200
cf-cache-status: HIT
age: 3613
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODkBn36ONBrx8NCy1SDZ7cU50Or%2FdJsGOrRNMQjfId7pIRflVUFuZXcPfxnS6JnJ8cAMRgENt%2FrQejJ6w%2FzqZMl2AGxQ2sSd1lnxeJftXI4eMP3se315tKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 824d845fb8ffb4eb-OSL
alt-svc: h3=":443"; ma=86400

send.cm/d/kcu6

104.26.0.171

200 OK

82 kB

URL User Request GET HTTP/2
send.cm/d/kcu6
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
82 kB (81641 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /d/kcu6 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Sat, 11 Nov 2023 08:48:38 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0tCkq5roG0hBBBXdNdPjBQc2c2NfeHIqULn9p5Y%2FeGGrfOsZ88gFRF0TLbq9dDbIHZGUNrqSQSG3YDXfApJ1wOVEY2OZcsvdf4pStD7p8VGeZyUCNwAcXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: c_7hyj5tegwm4sd1=hg0droczj53s; domain=.send.cm; path=/
aff=68359; domain=.send.cm; path=/; expires=Sun, 26-Nov-2023 08:48:38 GMT
lang=english; domain=.send.cm; path=/
__cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD; SameSite=None; Secure; path=/; expires=Sun, 12-Nov-23 09:18:38 GMT; HttpOnly
server: cloudflare
cf-ray: 824d84567a735684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.0.171

200 OK

12 kB

URL GET HTTP/3
send.cm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
etag: W/"654bb442-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqGLfQWVD0ygz04%2FjJ9sG77J2t2l%2F0g6i8aB5HLMn574teqh2xLrWGmqud1nbRY7b64HcIEMWRfyEdFYLo2jLYQGUehykRYkjOvLQGQqP2UmPiaeR6W9Y0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 824d845ec855b4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 14 Nov 2023 08:48:38 GMT
cache-control: max-age=172800, public
content-encoding: gzip

send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684

104.26.0.171

200 OK

0 B

URL POST HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12169
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=q.DTXpjvfvYOlAAwKPxuX_l6ICXDKz_cG4Wtf2vzapU-1699778918-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1699778918; path=/; expires=Mon, 11-Nov-24 08:48:38 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCo0CelbKEJzUxq4FwMAkzdjjGfv8SlEs2hyJg44E0APRsDS866nX2Zr5qQgDTrkpS3ZSKAfzj%2FbX9prijmZHKEza6B%2FCBTlNBjpb2iB56Xeoj%2BPpxXEA9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d84619a6eb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

104.26.0.171

200 OK

7.3 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7321), with no line terminators
Size
7.3 kB (7321 bytes)
Hash
1eda134d703a53b727aef8ef88339b37
b1f96c578e03da8bba74a0e1eb1ba7660d952bcf
dfd8c7d70e27c38d23ebe65756d3b5a20590a0e2b4f47b26d5c2f0ad3c628c7a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD; cf_clearance=q.DTXpjvfvYOlAAwKPxuX_l6ICXDKz_cG4Wtf2vzapU-1699778918-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1699778918
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7c181pZok9KVeEvcuhlZBWWnSIoOa47OKdUAx2M4xDic5ddUqUr3f0PMF8Uq5HmMfKzWMvFVIElnZE86O8a8LX5EjBVtY3cKvEF79SFOlJawJbIZ%2F1VNJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d84626ae0b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/static/js/jquery.min.js

104.26.0.171

200 OK

93 kB

URL GET HTTP/3
send.cm/static/js/jquery.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (32072)
Size
93 kB (93064 bytes)
Hash
bdce12c949e78d570c8d44e9c2b23508
9afdc4fec954646bd6270caf82f107fdef605bc5
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

HTTP Headers

GET /static/js/jquery.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
last-modified: Sat, 26 Sep 2020 12:00:16 GMT
etag: W/"16b88-5b0362d29f400-gzip"
vary: Accept-Encoding
expires: Sun, 12 Nov 2023 08:37:08 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BOVbaX6KdlJlGXP%2BV6yKSY6idHYi4JX%2FSYCYEpLTUJFMolgglH2Nof5cZS6sbGifJyLGghY9TC7VJ4nx51CQDZD5gVvktdZS%2BXugyO%2BmUAx9Kx0xWc8GM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845eb849b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/lib/bootstrap/js/bootstrap.bundle.min.js

104.26.0.171

200 OK

79 kB

URL GET HTTP/3
send.cm/lib/bootstrap/js/bootstrap.bundle.min.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (65297)
Size
79 kB (78635 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /lib/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=utf8
last-modified: Thu, 03 Sep 2020 08:39:38 GMT
etag: W/"1332b-5ae64b14b0680-gzip"
vary: Accept-Encoding
expires: Sun, 12 Nov 2023 08:28:23 GMT
cache-control: max-age=259200
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: HIT
age: 1440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpF9PNdxVFVGDHzlg%2BCf5YD%2FV8ayhLWI97nAG%2BzMG9vzj40SNNt8JHJqleoovWFG%2FXqVmWWIKHUzvtsMxyxaOcKiAvwYUC3Q6dgAsTMzalbR%2FEzJH4WzdPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d845f78cab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

104.26.0.171

200 OK

7.4 kB

URL GET HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type
ASCII text, with very long lines (7359), with no line terminators
Size
7.4 kB (7359 bytes)
Hash
c33f9f869af439e9ba3f197166fbf3d2
ac6fe4a88a8629b401f32f1fea237137fd852284
c8ee306391f8053961df1ad675b0a21d62a80a2a0e8afe7f92adf3e425005bcb

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4BrJboyXFBIenggHQiLIEaPxFUMCLrxlfxJesSEFo1oCHFe%2F3y4SyDedIg1pzsIaqXV2rjjKCqJTtg%2FrmAiVLUGvZqXRxEVeWqItQv%2BkuZYzww2YtybKzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d846069a8b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684

104.26.0.171

200 OK

0 B

URL POST HTTP/3
send.cm/cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684
IP
104.26.0.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://send.cm/d/kcu6
Certificate
IssuerGoogle Trust Services LLC
Subjectsend.cm
Fingerprint4A:FF:4D:B2:CC:85:F4:52:F9:78:AF:EB:79:F3:A2:6A:66:3E:98:D1
ValidityThu, 05 Oct 2023 16:49:19 GMT - Wed, 03 Jan 2024 16:49:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/824d84567a735684 HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12168
Origin: https://send.cm
DNT: 1
Connection: keep-alive
Referer: https://send.cm/d/kcu6
Cookie: c_7hyj5tegwm4sd1=hg0droczj53s; aff=68359; lang=english; __cflb=04dToPXYGQwzSVHrRvdmaaKmJbS8hsdXBQ4PQQxZrD; cf_clearance=q.DTXpjvfvYOlAAwKPxuX_l6ICXDKz_cG4Wtf2vzapU-1699778918-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1699778918; dom3ic8zudi28v8lr6fgphwffqoz0j6c=85745cb8-6b06-4c6e-8e9e-ae8702fc5493%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 12 Nov 2023 08:48:38 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=q.DTXpjvfvYOlAAwKPxuX_l6ICXDKz_cG4Wtf2vzapU-1699778918-0-1-69b0ef05.6b0d8b6b.438cce4a-0.2.1699778918; path=/; expires=Mon, 11-Nov-24 08:48:38 GMT; domain=.send.cm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLi7Uv9AnHX%2BiyKD6k4tGXWXoAQd8tiQPXxtT56bfmShBKmUHgOQWe8HXxYx4Bzt4kobPRCSubU3YuiswdbqiQCW1M8Pv3gWi%2BRLL4lJqaoy46UqN2qTUD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 824d84636b7cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dismantlepenantiterrorist.com/pxf.gif?uuid=85745cb8-6b06-4c6e-8e9e-ae8702fc5493&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=85745cb8-6b06-4c6e-8e9e-ae8702fc5493&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
0.0.0.0:0
ASN
#0

Requested by
https://send.cm/d/kcu6

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=85745cb8-6b06-4c6e-8e9e-ae8702fc5493&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=13.2079&b_frame=0&pk=9ced2453f41586bc39632e754938332a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations