Report - wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/

Report Overview

Visited public
2024-05-24 21:48:46
Tags
URL
wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Finishing URL
wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
مشاهدة مسلسل Dom موسم 1 حلقة 2 - وى سيما wecima ماى سيما mycima

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-05-24 17:54:16	2.6 kB	62 kB	216.58.207.227
bz.britsratafee.com	unknown	2024-04-12	2024-04-12 15:27:31	2024-04-18 02:38:40	412 B	1.5 kB	23.109.170.98
bytogeticr.com	unknown	2022-05-19	2022-05-19 12:14:07	2024-04-03 21:46:05	469 B	963 B	172.67.178.81
wecima.show	unknown	2024-02-08	2024-03-08 15:42:46	2024-04-18 02:47:49	9.2 kB	3.0 MB	188.114.97.1
ptoakooph.net	unknown	unknown	No data	No data	1.8 kB	23 kB	139.45.197.245
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-05-24 17:41:59	405 B	32 kB	151.101.194.137
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-05-24 18:35:28	455 B	740 B	139.45.195.8
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2024-05-24 18:12:09	2.6 kB	870 kB	104.17.245.203
wecima.tube	unknown	2023-02-02	2023-02-02 03:54:18	2024-04-15 08:49:27	1.4 kB	385 kB	188.114.97.1
tgb4.top15top.shop	unknown	2023-12-15	2024-02-03 20:23:25	2024-04-18 08:52:41	574 B	761 B	104.21.41.189
	unknown				619 B	8.9 MB	194.110.207.42
inklinkor.com	unknown	2022-04-01	2022-04-01 13:44:00	2024-05-22 08:45:59	396 B	92 kB	104.21.91.63
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-05-24 17:39:03	869 B	172 kB	142.250.74.168
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10 07:20:21	2024-05-23 13:08:02	2.6 kB	1.2 MB	172.64.147.188
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-05-24 17:40:01	428 B	91 kB	104.17.25.14
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-05-24 17:58:48	512 B	6.5 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-24	medium	britsratafee.com	Sinkholed
2024-05-24	medium	bytogeticr.com	Sinkholed
2024-05-24	medium	inklinkor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3	ScriptElement	295 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:53 Last Seen2024-08-19 21:53 Times Seen1 Hash 94e1643a77bb8e75452fbe35d653a07e 4e32329eaeaf9b23ccf92728efcf48a39173d5f0 7b79d80f4fe7fd79d5eed0cd905650e93cfe07961c1d52ba0463b308bdfd2519 Loading...

	unknown	ScriptElement	172 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:53 Last Seen2024-08-19 21:53 Times Seen1 Hash 3cb9e02d39b8de011b17b94938382d9e e059f4730024e872bdf6bba9089a6c303cf3ecce a7584185f4b98e39782de787a22321c37467966033df72844096471bf6e6698f Loading...

	wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/sandbox%20eval%20code		147 B	2023-04-11	2025-05-31
Pretty URL wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-31 00:32 Times Seen347604 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unpkg.com/videojs-flash/dist/videojs-flash.js	ScriptElement	39 kB	2023-03-07	2025-05-26
Pretty URL unpkg.com/videojs-flash/dist/videojs-flash.js IP 104.17.245.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-05-26 07:05 Times Seen184 Hash b671db9a73a06770313c1a05bcdc0b58 12280acce4192448e93e3b2ef9e1adf6c6eba94a 9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-31
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-31 00:32 Times Seen346827 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-05-07 10:21 Times Seen271 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?872910027&ver=6.4.3	ScriptElement	153 kB	2023-03-25	2024-08-21
Pretty URL wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?872910027&ver=6.4.3 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 21:52 Last Seen2024-08-21 08:31 Times Seen84 Hash 01d86e0593e8805ec600bce502493839 7de61d6bc3f856ed4643c4d9ed9d843ac3277b4e 4f7d4554a7292450b3ff6ae2142e033a0daf173134a052a6681921f8270ca9be Loading...

	inklinkor.com/tag.min.js	ScriptElement	90 kB	2024-05-23	2024-08-19
Pretty URL inklinkor.com/tag.min.js IP 104.21.91.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-23 20:59 Last Seen2024-08-19 21:59 Times Seen116 Hash 21cb2030609db3dab6f98b8686c024e8 75bc81df3a5c7d3a14ebc313bb48b96fa9b96ff6 cb6e540c66403707249d06b7ef0de5f4acbb5c33e974dbb132d8fd4be3122429 Loading...

	wecima.show/wp-content/themes/Mycima2021/js/vidjs-2.js	ScriptElement	27 kB	2023-06-08	2025-04-09
Pretty URL wecima.show/wp-content/themes/Mycima2021/js/vidjs-2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash 406de09ea0c4fcf430d7892e791d4023 791aeaa7193be874b8afd390a0283d3118e79d44 f134a2cd798e0b14125b8b625c46317eb16a70e5032ad0029bae6f0c5c087e51 Loading...

	wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/	ScriptElement	0 B	0001-01-01	2025-05-31
Pretty URL wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-31 00:32 Times Seen4799886 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bz.britsratafee.com/rWI5BbjWPhe73SeZ/40334	ScriptElement	0 B	0001-01-01	2025-05-31
Pretty URL bz.britsratafee.com/rWI5BbjWPhe73SeZ/40334 IP 23.109.170.98 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-31 00:32 Times Seen4799886 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c	ScriptElement	196 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 21:53 Last Seen2024-08-19 21:53 Times Seen1 Hash c3dd1764e08626009980c6c5a1b77f41 95fe98e35846ff9d8e2116db234ebd5cf844da7b e0c5af40532226a9b4f69e870e81ce078c51ae88fd06cbf5aa00093cc2b8ea93 Loading...

	code.jquery.com/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-05-30
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-30 23:57 Times Seen111170 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js	ScriptElement	396 kB	2023-06-08	2025-04-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen33 Hash 32803413b97579648bb6d086fde72f08 8a7d229a24879f094e80b78e417c90d07cdc4f13 8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11 Loading...

	wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474	ScriptElement	3.9 kB	2023-06-08	2025-04-09
Pretty URL wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash bb3e4f03b87b3b3a6de5024626ff1b00 9b89fdf8178bba86940ef981524e7ff6b900c86a 2dfad1dd618978e8aaea97be4ff1d7b750b6cf8c72854c68ca4d15734e050f6f Loading...

	wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3	ScriptElement	95 kB	2023-03-07	2025-04-09
Pretty URL wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-04-09 05:14 Times Seen125 Hash fcdee094e98d38fe380e1b5aad9bf444 d0ea8bb98673c7daa2da3af292eeea39a4f7479a ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-31
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-31 00:24 Times Seen267747 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474	ScriptElement	5.1 kB	2024-08-19	2024-08-19
Pretty URL wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 21:53 Last Seen2024-08-19 21:53 Times Seen1 Hash aa9ca40d27b9240a7f16bd37ee034f9e df2ac007380eed477ba202c462196bb861ce6c19 e227c666a2375549fce2880b18963fb6528ed258f66b254d81d565c1f71b0fac Loading...

	unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js	ScriptElement	717 kB	2023-03-07	2025-05-26
Pretty URL unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js IP 104.17.245.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-26 17:47 Times Seen70 Hash f4cfc74056724c22c4841e1d085e51e2 c9d7412fe37b091832074ee9c5656849e87ef41c aa938226e6eddc96da5a52d7a9aba85c6b4eed0e56ad1ca66fd8f5ee8bb0acd1 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-30 23:57 Times Seen113593 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

HTTP Transactions (45)

URL IP Response Size

wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
gzip compressed data, from Unix
Size
31 kB (30889 bytes)
Hash
ba63aa111f299971cfee05ba8e9c886d
918fd68e2970afd16f66a9028f3ef1f383b5a5db
04483ae7de9d2969219627c13c8afb4928daa5bd13d4124a8dd1dd232655b474

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3 HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-157fb"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBzKxLSngi7ZIlk%2BqJq2hGtre86KEGXyWt71T5OORP9yxV7BNjt3PQUIboCYli1EAiFKBnh0ystDc8lCV4fSbdSph%2Fp%2BlJVbvfmGbfYgxvHlwiHoXP8N6KKAoHDU6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3abbbb56b4-OSL
alt-svc: h3=":443"; ma=86400

wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?872910027&ver=6.4.3

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?872910027&ver=6.4.3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
gzip compressed data, from Unix
Size
34 kB (34522 bytes)
Hash
e97de238581ae7670327b236474f9698
30f30867c13292ab49a5a2b46f232c6e4c1dcfc0
cc5050d830ed29c4727d9af3dbde4707183a33a987a8df1d76bcc876e0ea8ce5

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?872910027&ver=6.4.3 HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Feb 2023 19:31:57 GMT
etag: W/"63ea902d-254b0"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adKKWdRBEG6EsvMJfWNQSud2EZ1JmrEdUGccMNw9qTOr1dkFH6BAeDAeXY4hAX2ALuNtLrr7JTdSGyMfRPkgEZQCEKMEqS%2FqW%2BjLa10cp%2BYzP9kFNo%2FuQgBGKCEy5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3abbbf56b4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3

142.250.74.168

200 OK

99 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint8C:4A:82:1E:00:9B:5C:E8:2B:28:8C:2B:B1:77:07:74:60:4F:7D:5E
ValidityMon, 06 May 2024 13:42:09 GMT - Mon, 29 Jul 2024 13:42:08 GMT

File type
JavaScript source, ASCII text, with very long lines (4242)
Size
99 kB (99338 bytes)
Hash
94e1643a77bb8e75452fbe35d653a07e
4e32329eaeaf9b23ccf92728efcf48a39173d5f0
7b79d80f4fe7fd79d5eed0cd905650e93cfe07961c1d52ba0463b308bdfd2519

HTTP Headers

GET /gtag/js?id=G-6JHTFKY3P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 May 2024 21:48:19 GMT
expires: Fri, 24 May 2024 21:48:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8488, version 1.0
Size
8.5 kB (8488 bytes)
Hash
b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 May 2024 02:17:36 GMT
expires: Fri, 23 May 2025 02:17:36 GMT
cache-control: public, max-age=31536000
age: 156643
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19984, version 1.0
Size
20 kB (19984 bytes)
Hash
0db10b5d1f471ef6c3a30158ff403106
ea993e87704687d1399a3b1fd79aa84c47659c82
e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a

HTTP Headers

GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 May 2024 11:03:13 GMT
expires: Tue, 20 May 2025 11:03:13 GMT
cache-control: public, max-age=31536000
age: 384306
last-modified: Tue, 01 Sep 2020 03:51:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bz.britsratafee.com/rWI5BbjWPhe73SeZ/40334

23.109.170.98

200 OK

20 B

URL GET HTTP/1.1
bz.britsratafee.com/rWI5BbjWPhe73SeZ/40334
IP
23.109.170.98:443
ASN
#7979 SERVERS-COM

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerLet's Encrypt
Subjectbz.britsratafee.com
Fingerprint9C:20:C8:8D:71:DD:70:0A:1B:17:E6:CC:55:48:F4:1B:E7:93:E9:8E
ValidityFri, 12 Apr 2024 12:25:50 GMT - Thu, 11 Jul 2024 12:25:49 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rWI5BbjWPhe73SeZ/40334 HTTP/1.1
Host: bz.britsratafee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 May 2024 21:48:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://wecima.show
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 25-May-2024 21:48:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 25-May-2024 21:48:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.227

200 OK

9.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9864, version 1.0
Size
9.9 kB (9864 bytes)
Hash
9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 May 2024 13:08:24 GMT
expires: Fri, 23 May 2025 13:08:24 GMT
cache-control: public, max-age=31536000
age: 117595
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.227

200 OK

8.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8948, version 1.0
Size
8.9 kB (8948 bytes)
Hash
3ca4aaa12ffa2e1f165db59f857ee5b0
1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 May 2024 05:52:06 GMT
expires: Sat, 24 May 2025 05:52:06 GMT
cache-control: public, max-age=31536000
age: 57373
last-modified: Tue, 16 Jul 2019 03:31:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE4:8A:04:4E:A9:40:14:A5:25:38:29:DB:90:36:5A:67:AE:85:31:6C
ValidityMon, 06 May 2024 14:43:26 GMT - Mon, 29 Jul 2024 14:43:25 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10580, version 1.0
Size
11 kB (10580 bytes)
Hash
245d8f75ea8c5799e5de85a8a7bd4172
7f546a6c551e87bb224124789c11fdb2f6429479
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 May 2024 22:15:37 GMT
expires: Fri, 23 May 2025 22:15:37 GMT
cache-control: public, max-age=31536000
age: 84762
last-modified: Tue, 16 Jul 2019 03:31:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wecima.show/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png

188.114.97.1

200 OK

3.5 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3533 bytes)
Hash
54110064037a44285faf10b2cbe55e87
b2677d46ed052bfda6eecbb61ee5539349f5603d
c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23header/netflix.png HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: image/png
content-length: 3533
last-modified: Sun, 22 Aug 2021 16:56:59 GMT
etag: "612281db-dcd"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1437
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHpbD9RiJ4qHKD%2FtjT6P35np0ENLVhY9uHVBQFJ0wl%2FIwfs1s89fj8r37Iqya6fjQVabeUJIKX9R9AuyeWs5tHLnVy4wSNyVKW8RP2yntYwSQy2m3hXsPy6ymL9b4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3e6f2956b4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c

142.250.74.168

200 OK

71 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint8C:4A:82:1E:00:9B:5C:E8:2B:28:8C:2B:B1:77:07:74:60:4F:7D:5E
ValidityMon, 06 May 2024 13:42:09 GMT - Mon, 29 Jul 2024 13:42:08 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70971 bytes)
Hash
c3dd1764e08626009980c6c5a1b77f41
95fe98e35846ff9d8e2116db234ebd5cf844da7b
e0c5af40532226a9b4f69e870e81ce078c51ae88fd06cbf5aa00093cc2b8ea93

HTTP Headers

GET /gtag/js?id=UA-128370636-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 May 2024 21:48:19 GMT
expires: Fri, 24 May 2024 21:48:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 24 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bytogeticr.com/split_track?action=check_overlay&dlShown=false&zone=4796941

172.67.178.81

200 OK

0 B

URL GET HTTP/2
bytogeticr.com/split_track?action=check_overlay&dlShown=false&zone=4796941
IP
172.67.178.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectbytogeticr.com
Fingerprint5C:A0:67:A8:E3:BB:8F:89:F8:BA:A6:29:53:9D:52:35:DF:15:2D:D2
ValiditySat, 06 Apr 2024 20:23:41 GMT - Fri, 05 Jul 2024 20:23:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /split_track?action=check_overlay&dlShown=false&zone=4796941 HTTP/1.1
Host: bytogeticr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JAG81qCBpAAfqjXqobAAC8M81RzXhuUCJiZM5jD8pSRyVr3N%2BD%2BWh9SbdeMv9YzhgosUrjaCXPwNhLlOUMMRZBzBSj%2B7C87eNdZKkG5KoUhJB%2FOe4WZQET91O7gTLCxMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3fdc06b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wecima.show/wp-content/uploads/2021/06/Dom-S01-2021.jpg

188.114.97.1

200 OK

61 kB

URL GET HTTP/3
wecima.show/wp-content/uploads/2021/06/Dom-S01-2021.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 404x602, components 3
Size
61 kB (61176 bytes)
Hash
b078d02169265c1590d6c2cc3779ec0e
4cb0cef90c25d4097293e3f411a5d417ea7d9db7
f08bfce0d11a1f21194e46c37ba40a4d07833e1c7655289a1ac955e2eab369dd

HTTP Headers

GET /wp-content/uploads/2021/06/Dom-S01-2021.jpg HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: image/jpeg
content-length: 61176
last-modified: Fri, 04 Jun 2021 01:23:23 GMT
etag: "60b9808b-eef8"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FxGNGD45JD84jHnBREOhWRw4wa9RW76L1neTHM1CgxOeCITNariWyi5bapPQx75VJX2iizqWy%2FCk1okuso3eS5xwqFyLFr1M0ptkAXxAlAFG754SC4nKo%2FhGHKliA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3fa88156b4-OSL
alt-svc: h3=":443"; ma=86400

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2

172.64.147.188

200 OK

105 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104740, version 768.256
Size
105 kB (104740 bytes)
Hash
27ed7b486bfe3163c0d312b6d2aa9069
97cb3773774b591841557c859b0f1b4b1b1cde09
fb347c28258cfeeb9b0904c469d8049fcb2ad4d1bb5e4c9601e0edda3b76bb69

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: font/woff2
content-length: 104740
x-amz-id-2: WQhc7iefw+7n8tjesrCKJfuUjmpT+sVgEb9vFiXVC9f1FMzUoOpOC2hg2CdsuCqkGHgGnjPBYlGYPKMYhm7r8g==
x-amz-request-id: 1713ET5XKY9DAR56
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "27ed7b486bfe3163c0d312b6d2aa9069"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1727590
accept-ranges: bytes
server: cloudflare
cf-ray: 88907d4119e10b65-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2

172.64.147.188

200 OK

392 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 392136, version 768.256
Size
392 kB (392136 bytes)
Hash
2cb9262f4870f225de120af23500828a
0330732496c970248a96c6df732b4b6e8407246f
d9c0c73c3e6a75d59ff20ce5e1d4bdec5ee8c6f2724ff0deb6cddb8f7f207dbe

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-light-300.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: font/woff2
content-length: 392136
x-amz-id-2: IQmaexACsIbUtHsKMFWY2TFhmpnRBQZZTOdOalRfshTUzepYfQFlYLtHcWqLOIMGwcXIq8XIDupHWHcy8wvNqg==
x-amz-request-id: 171BJ5DFJF707JXS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "2cb9262f4870f225de120af23500828a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1727590
accept-ranges: bytes
server: cloudflare
cf-ray: 88907d4129ed0b65-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2

172.64.147.188

200 OK

304 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 303544, version 768.256
Size
304 kB (303544 bytes)
Hash
78863e0f6e65fbe6175866e6d5b6f18a
8cda0fc2a701bd6dcfaa94261178fa78df1d15de
82877c6d33c5d786db4815f756437c3e853e08bf8c6c267fd246760d2a96d029

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: font/woff2
content-length: 303544
x-amz-id-2: 70AFYw5W6X/6B+UZSIr10/JYfahYDHUxNUMInPomCbew3adJ1a4DSF9S954plWfYCrlapxXd1wg=
x-amz-request-id: 1718WVNTCARH9CZE
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "78863e0f6e65fbe6175866e6d5b6f18a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1727590
accept-ranges: bytes
server: cloudflare
cf-ray: 88907d4129f00b65-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2

172.64.147.188

200 OK

358 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 357732, version 768.256
Size
358 kB (357732 bytes)
Hash
aca950cc283a103f77e0001fb67043b7
bf0d2965fbc75a8a23ca081c7094a95535d46ca6
d2d786476ddb1827a07bc0ac83e78cee6d262a16092b6064c166091132f09b65

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: font/woff2
content-length: 357732
x-amz-id-2: Br9dLqYU+N0M21J3AdD3adYutgDrGYL4/h2kL9hHFdENBbKCgS68fYnRzA9lfTKQEVSWKKTqUwm0p6STsQ5Q+A==
x-amz-request-id: 171DZT9BFWTJYKHF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "aca950cc283a103f77e0001fb67043b7"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1727590
accept-ranges: bytes
server: cloudflare
cf-ray: 88907d4129ee0b65-OSL
X-Firefox-Spdy: h2

wecima.show/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
wecima.show/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
PNG image data, 271 x 211, 8-bit/color RGBA, non-interlaced
Size
5.5 kB (5499 bytes)
Hash
de6cab0eb34528ddc75c0bba91468367
805566b4421a52ccbc7ddea87282ce4df241f64e
ab33b59200764ca718a5f977d0eccf57c27d02560c59ba3a9b12af1819b1f7fa

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: image/png
content-length: 5499
last-modified: Mon, 13 Feb 2023 20:21:20 GMT
etag: "63ea9bc0-157b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3769
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W9b5DpI4UmAt3MTDJGuXd4dmVQg9PRR9OQkZ36Wgf%2BpjhiEjppgtbYgQ1RhOUHR9jexJDRz3p5zM9mc%2B6lSJyv3PFQY4CtYzBq3Y8AaqhJXwekFckuyAs6ZvME12Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d428ac456b4-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js

104.17.25.14

200 OK

90 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65141)
Size
90 kB (89934 bytes)
Hash
32803413b97579648bb6d086fde72f08
8a7d229a24879f094e80b78e417c90d07cdc4f13
8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11

HTTP Headers

GET /ajax/libs/video.js/7.0.0/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 89934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401f-6092d"
last-modified: Mon, 04 May 2020 16:17:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 698610
expires: Wed, 14 May 2025 21:48:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgkMFke4foM4G4ZK7oil3IP28R4b3j9f56vz%2B1IiRHxaNVLx1FEm%2FGnbfyYRo9gZrF54LzYTopnKNueW4Hf%2FAEVxdd%2BnKGHFUjOCMxnrujVWWt5ckzEhx2kXeS5cbbGWN1qJ3E9V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88907d42f888712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 May 2024 21:48:20 GMT
age: 2443472
x-served-by: cache-lga21981-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 472429
x-timer: S1716587300.324269,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=008066167016401eeae65895c54864b8

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008066167016401eeae65895c54864b8
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint90:47:5A:A5:5F:5F:FA:E6:7C:6F:AB:D2:06:D1:D9:BD:F3:54:9E:6E
ValiditySat, 11 May 2024 20:51:41 GMT - Fri, 09 Aug 2024 20:51:40 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
a23f5a728a7eb32ee51b0492a974b349
4022febf411a9d8bd9c67e1258a25914f8096980
36de3efd4fc4ec5103316bba494fb339610fe82d71e5104fd4cddf2c996ef796

HTTP Headers

GET /gid.js?userId=008066167016401eeae65895c54864b8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://wecima.show
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008066167016401eeae65895c54864b8; expires=Sat, 24 May 2025 21:48:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js

104.17.245.203

302 Found

61 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
ASCII text, with no line terminators
Size
61 kB (61412 bytes)
Hash
5daad76beef9a81dff11bddf0d9b65c3
7f6eb7561d339debcd2259b93bbc6ca8fe477303
ef533e8f223237b9901ab77086732014a71cdf2bed438c35c128c946a6ce333c

HTTP Headers

GET /videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HYP938DG0FRG8BTY78TX98RE-arn
cf-cache-status: HIT
age: 124
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d42eeb60b55-OSL
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2021/06/Dom-S01-2021.jpg

188.114.97.1

301 Moved Permanently

102 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2021/06/Dom-S01-2021.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.tube
Fingerprint6E:85:09:0C:72:3E:31:9B:C9:90:BB:0A:B8:42:A8:93:A3:FB:E5:57
ValidityTue, 30 Apr 2024 02:50:39 GMT - Mon, 29 Jul 2024 02:50:38 GMT

File type
HTML document, ASCII text, with very long lines (65381)
Size
102 kB (101660 bytes)
Hash
a5ee60dbb30497989df5c9528630e80b
9033ca25a3edf664398a1db3d65a89f3cd625cf5
6bd86e4c216f5dc3d1fe3a514c6491925d0d79a9764d2112cb53fd4a7b8ab941

HTTP Headers

GET /wp-content/uploads/2021/06/Dom-S01-2021.jpg HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/html
location: https://wecima.show/wp-content/uploads/2021/06/Dom-S01-2021.jpg
cache-control: max-age=31536000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpX9336%2FMKGhHOlgRfLvBVVDuxbQxnCbEvv2mB2Jn8l6gpZSH0aeYpGSHouyuavKpYbRhYXxqS95e6isrV8xY3wl%2FuaUbFlimh52qfvjtwi4QvUqVaMUhLEprlXkdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3e6dcd0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tgb4.top15top.shop/mayihf5vup06/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4.html?Key=-CtrBBWkkP6xeppU1rDpHw&Expires=1716597413

104.21.41.189

302 Found

0 B

URL GET HTTP/2
tgb4.top15top.shop/mayihf5vup06/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4.html?Key=-CtrBBWkkP6xeppU1rDpHw&Expires=1716597413
IP
104.21.41.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjecttop15top.shop
Fingerprint1C:79:5E:2F:07:C0:EC:06:B7:40:2D:C6:67:83:BC:06:58:DE:29:04
ValiditySat, 13 Apr 2024 18:46:21 GMT - Fri, 12 Jul 2024 18:46:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mayihf5vup06/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4.html?Key=-CtrBBWkkP6xeppU1rDpHw&Expires=1716597413 HTTP/1.1
Host: tgb4.top15top.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 24 May 2024 21:48:20 GMT
content-length: 0
location: https://varcdnx20xvx2-12.erea12.shop:82/d/nnrtpzz7bgeyf3tk4moyz7iho75upqj6vgjjkrgyqjfwoxr3xb3ysqr5sdatj4b75dvcxvzm/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4
set-cookie: lang=english; domain=.tgb4.top15top.shop; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F1sLyfAXqSd%2Fw6T45BGTdJc%2F7VKf66571yEzkscEppGnPJTQcyPW2QTPvekQeAOk2NI1vvjTzZ7566iWcxHb%2BCl%2FEhtuO4CVMWL5QOntmyaoLLulRAEQ28jAPyUFSVdmcZP%2FiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d46291156bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2021/06/Dom-S01-2021.jpg

188.114.97.1

301 Moved Permanently

61 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2021/06/Dom-S01-2021.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.tube
Fingerprint6E:85:09:0C:72:3E:31:9B:C9:90:BB:0A:B8:42:A8:93:A3:FB:E5:57
ValidityTue, 30 Apr 2024 02:50:39 GMT - Mon, 29 Jul 2024 02:50:38 GMT

File type
data
Size
61 kB (61331 bytes)
Hash
6f571b5582bb3fe674eb6a810403f567
9ecd9379a658a75a600374821e24e16d74caad3c
7052cd32c5d465c59859d92842beb12df83183683bb4a55c0560ea56b234a10b

HTTP Headers

GET /wp-content/uploads/2021/06/Dom-S01-2021.jpg HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/html
location: https://wecima.show/wp-content/uploads/2021/06/Dom-S01-2021.jpg
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rdR%2FfeAIaQrZYgc3a0AdiJK5MYTBInQ4NOA9RG5h8c7gYII4eE8aaQybVem00TLh6rd9Gh5ni5WXdlST41k9JxPaGo%2B7urpIN4L1tDLgjua9Q%2BOOEggNZyfXpZZKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d469f3b0b49-OSL
alt-svc: h3=":443"; ma=86400

site-assets.fontawesome.com/releases/v6.0.0/css/all.css

172.64.147.188

200 OK

77 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/css/all.css
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
77 kB (77364 bytes)
Hash
6e22bbbba3eaaca0ef82233dac40a7fc
1f4194532cec68142d9a1aff2f1d008537e7956e
d65399793c1057e40f40cf7161b519fde0dee50e417a0db1059cdf805c6faa61

HTTP Headers

GET /releases/v6.0.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/css
x-amz-id-2: kMts6lFk375420qO3pr8/pgncg9KdJXO2mycrjfjiw9JKdxKdw7G+FRNrNX/EjNilTSOj1jW0LG9ktV5W0uoEQ==
x-amz-request-id: WXY6M1MVYE64C3HD
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
etag: W/"c8ccf9786058107114b343d52efb40bc"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2093328
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3eec4b56a2-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ptoakooph.net/5/4796941/?oo=1&js_build=iclick-v1.803.1-auto

139.45.197.245

200 OK

11 kB

URL GET HTTP/2
ptoakooph.net/5/4796941/?oo=1&js_build=iclick-v1.803.1-auto
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerLet's Encrypt
Subjectptoakooph.net
Fingerprint1D:99:70:7B:9A:53:F6:20:53:14:51:B3:22:B4:E8:4C:42:CE:F8:BB
ValidityThu, 23 May 2024 12:22:53 GMT - Wed, 21 Aug 2024 12:22:52 GMT

File type
gzip compressed data, max speed, from Unix
Size
11 kB (10979 bytes)
Hash
4cc35efe2bf1ebbca10275b732397eb3
f344eb6d109b4f6440fa2fe9852aa830756f048e
152e7e1468410950eee216e7c6da6ec97e1f6b0f101c9d69ede92e2fd8b5bf37

HTTP Headers

GET /5/4796941/?oo=1&js_build=iclick-v1.803.1-auto HTTP/1.1
Host: ptoakooph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/json
x-trace-id: cbc4770a5d7f4c8e1ecd198557133a06
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://wecima.show
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008066167016401eeae65895c54864b8; expires=Sat, 24 May 2025 21:48:19 GMT; path=/; secure; SameSite=None
oaidts=1716587299; expires=Sat, 24 May 2025 21:48:19 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ptoakooph.net/?rb=BL_5foH-_Ncqo5fvLwcEG5mKcOA8Bdg4LfBSQn-J-7IpMuGLRtQ1JnYoop3lcBMngBHSUDW8rIDBUDmS7erVcegvTyOIUFxVA0L117Be9lAJn1b1uku6AmOOSLHp_oGjtQzE4nhb67UZedxE-VgcPaLL_EObpsVE27nd1Y3yLXSAHgQ777GSoTpc6Icn97lTD5aeA5cn4gGhCPzHP1en106UbWxe9yQJawCkr8WVKbgr4I76C_R3rvJEH44QbK6b4kP_Vw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.803.1-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.show%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-dom-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-1-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-2%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.803.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=69874ae8-9fdf-4562-bf6f-dddb9aa02024&wasm=1&userId=008066167016401eeae65895c54864b8&m=link

139.45.197.245

200 OK

9.7 kB

URL GET HTTP/2
ptoakooph.net/?rb=BL_5foH-_Ncqo5fvLwcEG5mKcOA8Bdg4LfBSQn-J-7IpMuGLRtQ1JnYoop3lcBMngBHSUDW8rIDBUDmS7erVcegvTyOIUFxVA0L117Be9lAJn1b1uku6AmOOSLHp_oGjtQzE4nhb67UZedxE-VgcPaLL_EObpsVE27nd1Y3yLXSAHgQ777GSoTpc6Icn97lTD5aeA5cn4gGhCPzHP1en106UbWxe9yQJawCkr8WVKbgr4I76C_R3rvJEH44QbK6b4kP_Vw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.803.1-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.show%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-dom-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-1-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-2%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.803.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=69874ae8-9fdf-4562-bf6f-dddb9aa02024&wasm=1&userId=008066167016401eeae65895c54864b8&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerLet's Encrypt
Subjectptoakooph.net
Fingerprint1D:99:70:7B:9A:53:F6:20:53:14:51:B3:22:B4:E8:4C:42:CE:F8:BB
ValidityThu, 23 May 2024 12:22:53 GMT - Wed, 21 Aug 2024 12:22:52 GMT

File type
gzip compressed data, max speed, from Unix
Size
9.7 kB (9701 bytes)
Hash
10fa3ebfdeaecfd0edb6bf88c41c7933
b8b6e131d58c8a759fcc5739905a72ae7934ba0b
fba5dc8894af482a4f1684aa1c25073860530e931217e51bc4bedb088a8934d5

HTTP Headers

GET /?rb=BL_5foH-_Ncqo5fvLwcEG5mKcOA8Bdg4LfBSQn-J-7IpMuGLRtQ1JnYoop3lcBMngBHSUDW8rIDBUDmS7erVcegvTyOIUFxVA0L117Be9lAJn1b1uku6AmOOSLHp_oGjtQzE4nhb67UZedxE-VgcPaLL_EObpsVE27nd1Y3yLXSAHgQ777GSoTpc6Icn97lTD5aeA5cn4gGhCPzHP1en106UbWxe9yQJawCkr8WVKbgr4I76C_R3rvJEH44QbK6b4kP_Vw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.803.1-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.show%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-dom-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-1-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-2%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.803.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=69874ae8-9fdf-4562-bf6f-dddb9aa02024&wasm=1&userId=008066167016401eeae65895c54864b8&m=link HTTP/1.1
Host: ptoakooph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Cookie: OAID=008066167016401eeae65895c54864b8; oaidts=1716587299
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/json
x-trace-id: 9f69a1e71b8231a9b07b80b30ea55413
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://wecima.show
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008066167016401eeae65895c54864b8; expires=Sat, 24 May 2025 21:48:20 GMT; path=/; secure; SameSite=None
oaidts=1716587300; expires=Sat, 24 May 2025 21:48:20 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 31 May 2024 21:48:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

wecima.show/AjaxCenter/RightBar/

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
wecima.show/AjaxCenter/RightBar/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
JSON text data
Size
15 kB (15153 bytes)
Hash
db801fa4c7a872a8467738e2b2c71cb0
3fee7db85dfb08d4f28859cc213f156e168f4948
98581f9fd1a4bb5647446364b7645f5f03a90dccc8875c1f7dcb2faa9c85c0ca

HTTP Headers

GET /AjaxCenter/RightBar/ HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TbM8cU63Rerc0%2BMwxi2QO2wBfOZg829WnoffC07Z5PFilXdl6J3UQDNGIwe6CGnGc8yznTdDsriU4lxlz73cuTJlb3qOeyuGkIBaJ3SmuAOOLnmophpWe0zZ7KdJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3e4f0c56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

301 Moved Permanently

220 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.tube
Fingerprint6E:85:09:0C:72:3E:31:9B:C9:90:BB:0A:B8:42:A8:93:A3:FB:E5:57
ValidityTue, 30 Apr 2024 02:50:39 GMT - Mon, 29 Jul 2024 02:50:38 GMT

File type
data
Size
220 kB (220250 bytes)
Hash
b315e83eeb0200ca33188b4e9f544562
70cd0a5c1a96eb63ddd49ba043b0a77573e0f33f
b630e616b99b8a430b0e3e69760f623fe99a6c0ada70d8350a902d11228bea9e

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/html
location: https://wecima.show/wp-content/uploads/2023/02/wecima-favicon-1.png
cache-control: max-age=31536000
cf-cache-status: HIT
age: 161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tV%2ByncdcIvWMgR2PN6p%2BfQglpp3foZ%2BsuBisDBk1P8BZKQB9aF5rVHCeVi1frGQ%2BorHB%2BCnv5RabF18o3ow6Ge3sxpJfpA6rI2cfXkleQn8iPMO9o0FooyEepZAeRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3e3db00b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
gzip compressed data, max speed, from Unix
Size
5.8 kB (5763 bytes)
Hash
c2dd19e3dceef9f0967b27ed6ebd47e5
074a1959f881d0c78ea1c6fc4f844fabb0e2aa06
2c011dfe2229b0c31d58f3bd1c1ace3525928fcf7709a7d1c06b46aa0d11d179

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 May 2024 21:48:37 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-07-04-09-28-34.chain; p384ecdsa=mabEIppd9NTD_JoeUKE0q5vsE54lxVpk7VrlVuVrbngrD1CPjxDaarbZnykcflVlOLhnuMlG1TKl2olqSB_T0itUVPdz2lJRZ-zw7q72Mspgylk9L-UCoCsrECHnkDbp
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

varcdnx20xvx2-12.erea12.shop:82/d/nnrtpzz7bgeyf3tk4moyz7iho75upqj6vgjjkrgyqjfwoxr3xb3ysqr5sdatj4b75dvcxvzm/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4

194.110.207.42

206 Partial Content

8.9 MB

URL GET HTTP/1.1
varcdnx20xvx2-12.erea12.shop:82/d/nnrtpzz7bgeyf3tk4moyz7iho75upqj6vgjjkrgyqjfwoxr3xb3ysqr5sdatj4b75dvcxvzm/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4
IP
194.110.207.42:82
ASN
#56655 TerraHost AS

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerLet's Encrypt
Subject*.erea12.shop
Fingerprint43:CF:B3:4E:E1:4C:84:9E:FC:83:FA:57:0E:48:07:1B:60:C9:25:A0
ValidityFri, 29 Mar 2024 23:17:26 GMT - Thu, 27 Jun 2024 23:17:25 GMT

File type

Size
8.9 MB (8912503 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /d/nnrtpzz7bgeyf3tk4moyz7iho75upqj6vgjjkrgyqjfwoxr3xb3ysqr5sdatj4b75dvcxvzm/DOM.S01.E02.720p.WEBRip.MyCima.TO.mp4 HTTP/1.1
Host: varcdnx20xvx2-12.erea12.shop:82
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 24 May 2024 21:42:29 GMT
Content-Type: application/octet-stream
Content-Length: 507110546
Last-Modified: Tue, 21 Mar 2023 07:35:10 GMT
Connection: close
Content-Disposition: attachment
ETag: "64195e2e-1e39e492"
Content-Range: bytes 0-507110545/507110546

wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474

188.114.97.1

200 OK

1.1 MB

URL GET HTTP/3
wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type

Size
1.1 MB (1076301 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474 HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NJX6zHuVzIAdugj7WbXrmyGC%2F5jjdMFiWiBAzV49SNF25T9OGcifkbl%2FBXUD3KoWXUqmHpTdLG%2FUaOLwao3LQ9JhhnyQi%2B5nZdWUjffB7zH2F3D49cICjW3Pkwfew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3fc89a56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wecima.show/insights.php

188.114.97.1

200 OK

35 B

URL POST HTTP/3
wecima.show/insights.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
6b652cac01878c3fd56eb6144f8ec758
2fb0dbad10a7c55b807ebc198e20ed61e8e1569f
95eff1092198a47f11a7261d5419945c9b7745f457589fc3c9f1cbac4cd5fe95

HTTP Headers

POST /insights.php HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 12
Origin: https://wecima.show
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/json
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZxaQXqFUxrqMLroVIs4k7aZAgfj%2BkZFQl%2ByOxkPq6UGcx51qbh4K6tSw52xnuNE5qVA1qS9GqMD1yZXrpj2wT0mSfkd7j0pML96nkvG0ET9wVz%2BOsJ8lSY1GDktTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3ced6e56b4-OSL
alt-svc: h3=":443"; ma=86400

wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/

188.114.97.1

200 OK

294 kB

URL User Request GET HTTP/2
wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type

Size
294 kB (294460 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/ HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:18 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFWqGVUpUiSOmCNYfK0Ct6PDAkNfLVgY%2FqpYhwrVQLJGMS7GIG%2BaSmPAASH5w%2BcjK%2B%2Bq3O8LfwcalSJkJjvisoGE7XL1MVovpDMrt%2B9vUx7feHyXypZn7U15epijsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d370c9cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wecima.show/wp-content/themes/Mycima2021/js/vidjs-2.js

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/js/vidjs-2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type

Size
27 kB (27283 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/js/vidjs-2.js HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Jun 2023 18:43:27 GMT
etag: W/"647f7e4f-6a93"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJJ9LtZcoEUO6SN4HwfgrYjwDXX2%2BBf1w4pDy0hUZ5VlYQonzB5ARNTc9kZgGFFu00a1%2BVajAKHfkKD3F2xr0LFRAsUUdMt24CU5Hcf21lhHbARAZPOYr9TvLrqLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d426aa956b4-OSL
alt-svc: h3=":443"; ma=86400

wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (95124 bytes)
Hash
fcdee094e98d38fe380e1b5aad9bf444
d0ea8bb98673c7daa2da3af292eeea39a4f7479a
ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3 HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-17394"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsG4%2BPovovayy9tYnn6Hd0lL1UDNU83pZy6e%2FmkWaYZQoZsUyIe%2FIJMg6zsrIRVVK97jjZitv0XjW9c%2BKRkz0aMcf3FTMXM5SHna1EMhFU%2FmiiXmSXLtGJM9MohSNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3abbbd56b4-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

104.17.245.203

200 OK

717 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
717 kB (717184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
via: 1.1 fly.io
fly-request-id: 01HWR0WJH7DRSYX85E5APA6NX1-arn
cf-cache-status: HIT
age: 2089106
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d440f870b55-OSL
X-Firefox-Spdy: h2

unpkg.com/@videojs/themes@1/dist/forest/index.css

104.17.245.203

302 Found

4.7 kB

URL GET HTTP/2
unpkg.com/@videojs/themes@1/dist/forest/index.css
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
4.7 kB (4705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@videojs/themes@1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@videojs/themes@1.0.1/dist/forest/index.css
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HYP938DBY80N42NJQ717C5F8-arn
cf-cache-status: HIT
age: 124
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d42eead0b55-OSL
X-Firefox-Spdy: h2

unpkg.com/videojs-flash/dist/videojs-flash.js

104.17.245.203

302 Found

39 kB

URL GET HTTP/2
unpkg.com/videojs-flash/dist/videojs-flash.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
39 kB (39407 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HYP91JHVNQYPVV70ESPXAR6N-arn
cf-cache-status: HIT
age: 179
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d42feb80b55-OSL
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

104.21.91.63

200 OK

90 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
104.21.91.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
Fingerprint28:84:D7:8F:63:D7:99:15:D5:E8:2C:F5:74:62:0D:94:C1:0A:EF:95
ValidityWed, 17 Apr 2024 17:58:45 GMT - Tue, 16 Jul 2024 17:58:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (90541 bytes)
Hash
21cb2030609db3dab6f98b8686c024e8
75bc81df3a5c7d3a14ebc313bb48b96fa9b96ff6
cb6e540c66403707249d06b7ef0de5f4acbb5c33e974dbb132d8fd4be3122429

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 4d3e9a02d971e9209fa3712e0434d62d
cache-control: max-age=86400
last-modified: Thu, 23 May 2024 16:09:30 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 25 May 2024 20:12:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 5732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yx6I5KNnXZ2U2OOOkU6Q4yKM%2BxZJtcPTPKICbqh7ubaoX59hQpkgGq0XWZOzJsDuA3vs42aPh1xTcnEMvFrNn95abh2JaR46rfLbdI3zaQRtnTy7JVI83uLvAZjP7TEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d3d4eaa56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

188.114.97.1

301 Moved Permanently

1.1 MB

URL GET HTTP/3
wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type

Size
1.1 MB (1076301 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474 HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%B3%D9%84%D8%B3%D9%84-dom-%D9%85%D9%88%D8%B3%D9%85-1-%D8%AD%D9%84%D9%82%D8%A9-2/
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Fri, 24 May 2024 21:48:19 GMT
content-type: text/html; charset=UTF-8
location: https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5GvC0DiQuay8xK8szAJu9lQw51AwcH%2BFctQojIpVwFqSGeAlOWeftNQs4fvtS%2B1dOd86eXt6RzJRex6n%2B9EBmEGfDeJBYQFO%2FDx%2B%2F29uhLfk4qjH4qXRQbg3lkBjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88907d3f1fd556b4-OSL
alt-svc: h3=":443"; ma=86400

wecima.show/wp-content/themes/Mycima2021/Style/fonts.css

188.114.97.1

404 Not Found

265 kB

URL GET HTTP/3
wecima.show/wp-content/themes/Mycima2021/Style/fonts.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.show
Fingerprint73:0E:81:3E:C1:20:98:77:9F:96:BD:0E:3A:B4:AF:31:E2:19:01:89
ValiditySun, 07 Apr 2024 00:56:01 GMT - Sat, 06 Jul 2024 00:56:00 GMT

File type

Size
265 kB (264813 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/Style/fonts.css HTTP/1.1
Host: wecima.show
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Cookie: _ga_6JHTFKY3P3=GS1.1.1716587299.1.0.1716587299.0.0.0; _ga=GA1.1.236236530.1716587299
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnCELqw9naCIiHTOfQycWR76ILKzZzfu72mz%2BfgSBoGGKlfVwkDrxdJT04MmGpNab%2Fgtr8ggVyVF2V1cZvboaxDEDAcjgrfLBzYlykueB33HgYbYPBxao0Tc2vEXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88907d426aa756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

104.17.245.203

200 OK

4.7 kB

URL GET HTTP/2
unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
ASCII text, with very long lines (4713), with no line terminators
Size
4.7 kB (4705 bytes)
Hash
f4eae9a8afcd9abd6c0a15a152e1bce8
9ab77953e7fe073c1e4075e3196613b9c8a06d60
0dc7cd97035d0073354825aa89d32ad41d8c0a3422226be471831cc28d8d024d

HTTP Headers

GET /@videojs/themes@1.0.1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Wed, 28 Oct 2020 04:24:35 GMT
etag: "1261-TREtap8czYudjMboZWzHkoZFOgs"
via: 1.1 fly.io
fly-request-id: 01HWR0QYBF6EATHYC7RZE8QBHF-arn
cf-cache-status: HIT
age: 2089258
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d440f850b55-OSL
X-Firefox-Spdy: h2

unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

104.17.245.203

200 OK

39 kB

URL GET HTTP/2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.show/run/34dce7228da3aa06e434f7a79d65d0da22660b3c79a99bd88c4dff9dd03f50e81a96f700e7a2df87cda01fcef5c7d2908a63eb85e9129a91a2355bc00f425d4647325a8c2eca77f5e7b7ca2a3b5dd9878a4116a0b38eed34ace4cfcb3b0ef317343362/?Key=kw4gmhFMm0VLi9-qyna0PQ&Expires=1716594474
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, ASCII text
Size
39 kB (39407 bytes)
Hash
b671db9a73a06770313c1a05bcdc0b58
12280acce4192448e93e3b2ef9e1adf6c6eba94a
9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34

HTTP Headers

GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.show/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 24 May 2024 21:48:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01HWR0Y06M2QFE3HKPSJWHSD2M-arn
cf-cache-status: HIT
age: 2089059
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88907d440f8b0b55-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash