Report - mycima.mx/profile/admin/

Report Overview

Visited public
2023-10-28 10:00:27
Tags
URL
mycima.mx/profile/admin/
Finishing URL
mycima18.wecima.watch/
IP / ASN
104.21.1.124
#13335 CLOUDFLARENET
Title
مشاهدة ماى سيما MYCIMA وى سيما WECIMA افلام و مسلسلات اون لاين - وى سيما wecima ماى سيما mycima

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nutsmargaret.com	unknown	2023-09-23	2023-09-27 07:23:37	2023-10-26 17:41:44	491 B	467 B	192.243.61.227
gishejuy.com	unknown	2023-10-25	2023-10-25 15:14:32	2023-10-27 19:32:43	406 B	45 kB	139.45.197.242
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-10-27 18:36:19	745 B	423 B	192.243.59.20
mycima.mx	unknown	2021-01-23	2021-02-25 21:02:42	2023-10-28 11:59:58	482 B	352 kB	104.21.1.124
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-10-27 18:28:51	406 B	20 kB	104.21.11.245
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-27 19:07:13	893 B	155 kB	142.250.74.168
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-27 18:12:03	2.0 kB	4.2 kB	142.250.74.99
inklinkor.com	unknown	2022-04-01	2022-04-01 13:44:00	2023-10-27 22:02:01	406 B	29 kB	172.67.211.29
mycima18.wecima.watch	unknown	unknown	No data	No data	23 kB	2.2 MB	188.114.97.1
wecima.tube	unknown	2023-02-02	2023-02-02 03:54:18	2023-10-24 15:26:09	462 B	855 B	188.114.97.1
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-10-27 18:28:54	543 B	491 B	139.45.195.254
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-10-27 18:28:13	477 B	750 B	139.45.195.8
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-10-27 18:36:17	421 B	841 B	172.67.219.12
cameesse.net	unknown	2023-10-18	2023-10-18 14:31:33	2023-10-27 20:21:56	2.2 kB	572 kB	139.45.197.242
lr.bezoarschrysid.com	unknown	2023-09-21	2023-09-21 14:20:55	2023-10-24 15:25:38	425 B	1.4 kB	23.109.248.115
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-10-27 19:42:10	340 B	942 B	143.204.53.97
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10 07:20:21	2023-10-27 19:16:06	2.7 kB	1.6 MB	104.18.40.68
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-10-27 18:36:17	407 B	133 kB	172.64.162.2
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-10-27 18:37:07	330 B	963 B	104.18.38.233
alteredyacht.com	unknown	2023-08-22	2023-08-22 03:51:26	2023-10-25 15:12:37	445 B	61 kB	173.233.137.44
mycima14.wecima.watch	unknown	2023-02-02	2023-10-17 10:58:08	2023-10-24 15:25:37	494 B	352 kB	188.114.97.1
groorsoa.net	unknown	2023-10-23	2023-10-24 03:50:52	2023-10-27 22:03:13	1.6 kB	7.0 kB	139.45.197.245
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-27 18:55:07	2.7 kB	62 kB	216.58.207.227
mycima15.wecima.watch	unknown	2023-02-02	2023-10-21 14:55:47	2023-10-24 15:25:37	506 B	24 kB	188.114.97.1
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-10-27 18:28:13	448 B	428 B	3.73.202.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-28	medium	nutsmargaret.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-27	medium	gishejuy.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-28	medium	unseenreport.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-28	medium	fleraprt.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	mycima18.wecima.watch/	ScriptElement	158 B	2023-03-25	2025-06-12
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 21:52 Last Seen2025-06-12 17:37 Times Seen117 Hash d8df6d4045b4e1124661b5df5086c10e c17b97603a604f539a451c6d001308b0654b909c b9848daa1b8d843e20a1540f95910ea8e5190b6e22ba895ed2d1ab380f7c48d1 Loading...

	lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334	ScriptElement	0 B	0001-01-01	2025-06-13
Pretty URL lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334 IP 23.109.248.115 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-13 04:40 Times Seen4939084 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	Function	79 B	2023-04-11	2025-06-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-13 03:38 Times Seen114719 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unknown	Function	37 B	2023-04-11	2025-06-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-13 04:30 Times Seen271493 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3	ScriptElement	266 kB	2023-10-28	2023-10-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen1 Hash 4eb81ec158d769165898e14333cd7e9f e74acf8bae541b9ed175ed88a2f9fa71fe8d333d b50a19ac2379533f545454eb59eaa6f2272ff2e179289d90d193da59cd868d2b Loading...

	cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04	ScriptElement	412 kB	2023-10-19	2024-08-21
Pretty URL cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 14:32 Last Seen2024-08-21 04:07 Times Seen290 Hash e3d10345a5e4f16d7842e70768393edd 96f2cc5910d6179f94a71eb9710d24504bb4b5c8 105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432 Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	mycima18.wecima.watch/	ScriptElement	815 B	2023-10-28	2024-08-20
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 12:00 Last Seen2024-08-20 22:04 Times Seen5 Hash c72a96cbf849c2c906117b2a0a5ff599 d769a0401c8f549410879242a2c996f9d2ac7cb0 cc7eba7acb2260a29c8c1a914e283a86cd6cb3058c1fd2e817982f9f7324f751 Loading...

	mycima18.wecima.watch/	ScriptElement	193 B	2023-05-27	2025-06-11
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 13:08 Last Seen2025-06-11 21:33 Times Seen145 Hash 82455ac64431deea965cf4b1ffc05c92 9f35df08bd07430163df6795cb73e39c98848019 2b084b56d488c9519ac67d0da4aa9d1488d51fbb731ecf657cd231975213ed51 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2	ScriptElement	88 kB	2023-03-07	2025-06-12
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-06-12 17:37 Times Seen285 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js	ScriptElement	60 kB	2023-10-28	2023-10-28
Pretty URL alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen1 Hash f6096844f09ac08b823a15ee0dc2104e 78dcf4d41df2339bcd2eced62e3a8cb96b05283c b4dde445711f239c3c6f956e56e84fd148408c2d2243a27a1bf96a1891903fb0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c	ScriptElement	177 kB	2023-10-28	2023-10-28
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen1 Hash 2198c8ba1f3df834430e57ae7cbf8612 af1360328da010acfb9cc6839a12fba73eef3882 e58bc04472f4909c8c6cdcb3192d627ee75f94a946bee341c3f1fa221f47474c Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.162.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	cameesse.net/1?z=4807448	ScriptElement	43 kB	2024-08-20	2024-08-20
Pretty URL cameesse.net/1?z=4807448 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 22:04 Last Seen2024-08-20 22:04 Times Seen1 Hash f55ab2956fa0a244466aa386b5421a6b aaed1f35543f846a34b43d0102f0bd6f789eb58b 33800c9c133bb35e77d6c3e987d1c9e81d4d32a964e230669a669b091259de92 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2	ScriptElement	95 kB	2023-03-07	2025-06-12
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-06-12 17:37 Times Seen136 Hash fcdee094e98d38fe380e1b5aad9bf444 d0ea8bb98673c7daa2da3af292eeea39a4f7479a ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2	ScriptElement	153 kB	2023-03-25	2024-08-21
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 21:52 Last Seen2024-08-21 08:31 Times Seen84 Hash 01d86e0593e8805ec600bce502493839 7de61d6bc3f856ed4643c4d9ed9d843ac3277b4e 4f7d4554a7292450b3ff6ae2142e033a0daf173134a052a6681921f8270ca9be Loading...

	inklinkor.com/tag.min.js	ScriptElement	81 kB	2023-10-27	2023-11-01
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 12:46 Last Seen2023-11-01 02:14 Times Seen277 Hash dcdb74a84033cb062fac67d00d2131b9 de814a6a30d0a96261ace16dfe5c199140c575ca 0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066 Loading...

	mycima18.wecima.watch/sandbox%20eval%20code		147 B	2023-04-11	2025-06-13
Pretty URL mycima18.wecima.watch/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-13 04:37 Times Seen353398 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-13
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-13 04:37 Times Seen352660 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	gishejuy.com/400/5097541	ScriptElement	82 kB	2024-08-20	2024-08-20
Pretty URL gishejuy.com/400/5097541 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 22:04 Last Seen2024-08-20 22:04 Times Seen1 Hash e7fc468ad3e45bb7214d28e257cb10fe dc8cdb00597f1c84186d49ccb353d269785a8c04 46a06a66e63af6e1674081ba74cdc9b6b16ce50ca968a26825affe3cb6c25ef1 Loading...

HTTP Transactions (81)

URL IP Response Size

mycima18.wecima.watch/profile/admin/

188.114.97.1

302 Found

23 kB

URL User Request GET HTTP/3
mycima18.wecima.watch/profile/admin/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
data
Size
23 kB (23410 bytes)
Hash
f233e5bf6f9fc7c4a0eb5b1f79135a76
cffdd6c5b50f3fcfb005f8702c72ca45a0828784
fde85cb17aa84a35160166471be68a6c4063bb55d6ab6ce6ee046d7a08888320

HTTP Headers

GET /profile/admin/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 28 Oct 2023 10:00:06 GMT
content-type: text/html; charset=UTF-8
location: https://mycima18.wecima.watch
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BMKrHblNmSFx%2BawOP%2FaVoqwh%2FNi1q8EB%2FCybdcH5jVENl210iAMtzzePOpuaDmS1pFm9dm%2BfuV1hsLGgT1dya%2FpNsJL6qudbAC%2FjAaATFxfwte3%2B1T3uo9S1Q2FRmhXHWbMH78Yuak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25471ac875696-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (3651)
Size
89 kB (89130 bytes)
Hash
4eb81ec158d769165898e14333cd7e9f
e74acf8bae541b9ed175ed88a2f9fa71fe8d333d
b50a19ac2379533f545454eb59eaa6f2272ff2e179289d90d193da59cd868d2b

HTTP Headers

GET /gtag/js?id=G-6JHTFKY3P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Oct 2023 10:00:07 GMT
expires: Sat, 28 Oct 2023 10:00:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.99

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5e768ebd9fb7a8a64306f39a90ecaa96
6b59211730342198008c305acfb463def4a7b6c6
894a3b5d8365305169424212970ab4e67064a6bcd4ca39370733cbf7f7cd375c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.99

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6171b622e9f59a26be9ee77ccc24b9b
dc82a2156684a22eb055c9f4eeb80b8e87e776a1
5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.227

200 OK

9.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9864, version 1.0\012- data
Size
9.9 kB (9864 bytes)
Hash
9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 10:31:10 GMT
expires: Sat, 26 Oct 2024 10:31:10 GMT
cache-control: public, max-age=31536000
age: 84537
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.99

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6171b622e9f59a26be9ee77ccc24b9b
dc82a2156684a22eb055c9f4eeb80b8e87e776a1
5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.227

200 OK

8.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8948, version 1.0\012- data
Size
8.9 kB (8948 bytes)
Hash
3ca4aaa12ffa2e1f165db59f857ee5b0
1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Oct 2023 15:28:53 GMT
expires: Sun, 20 Oct 2024 15:28:53 GMT
cache-control: public, max-age=31536000
age: 585074
last-modified: Tue, 16 Jul 2019 03:31:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.99

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6171b622e9f59a26be9ee77ccc24b9b
dc82a2156684a22eb055c9f4eeb80b8e87e776a1
5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.99

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6171b622e9f59a26be9ee77ccc24b9b
dc82a2156684a22eb055c9f4eeb80b8e87e776a1
5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19984, version 1.0\012- data
Size
20 kB (19984 bytes)
Hash
0db10b5d1f471ef6c3a30158ff403106
ea993e87704687d1399a3b1fd79aa84c47659c82
e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a

HTTP Headers

GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Oct 2023 01:27:49 GMT
expires: Sun, 27 Oct 2024 01:27:49 GMT
cache-control: public, max-age=31536000
age: 30738
last-modified: Tue, 01 Sep 2020 03:51:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8488, version 1.0\012- data
Size
8.5 kB (8488 bytes)
Hash
b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 22:21:21 GMT
expires: Sat, 26 Oct 2024 22:21:21 GMT
cache-control: public, max-age=31536000
age: 41926
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10580, version 1.0\012- data
Size
11 kB (10580 bytes)
Hash
245d8f75ea8c5799e5de85a8a7bd4172
7f546a6c551e87bb224124789c11fdb2f6429479
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 11:06:38 GMT
expires: Sat, 26 Oct 2024 11:06:38 GMT
cache-control: public, max-age=31536000
age: 82409
last-modified: Tue, 16 Jul 2019 03:31:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.99

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b6171b622e9f59a26be9ee77ccc24b9b
dc82a2156684a22eb055c9f4eeb80b8e87e776a1
5484ebbfd19a496e2eba8bd96f320bbe7bc6c8810e1d8d307bf48b34d0ace5f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Oct 2023 10:00:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334

23.109.248.115

200 OK

20 B

URL GET HTTP/1.1
lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334
IP
23.109.248.115:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectlr.bezoarschrysid.com
FingerprintAA:74:92:8E:74:AC:52:42:E8:8F:17:9F:F3:75:7A:BE:68:26:94:FA
ValidityThu, 21 Sep 2023 11:19:49 GMT - Wed, 20 Dec 2023 11:19:48 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /rYwzTSZUOMXA4Xx/40334 HTTP/1.1
Host: lr.bezoarschrysid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Oct 2023 10:00:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mycima18.wecima.watch
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 29-Oct-2023 10:00:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 29-Oct-2023 10:00:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

mycima18.wecima.watch/wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 190x213, components 3\012- data
Size
13 kB (12711 bytes)
Hash
e7bf63a945e02ec5104652b19e5e9591
3a0d04bceee54e6a86345a800cdfb0dbbf81b8b0
e94795c7c33a70a41a75edc3c2c0ff9fa544cbc5fc60f3f43cc90b6a69e5dd16

HTTP Headers

GET /wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 12711
last-modified: Sun, 02 Jan 2022 21:31:46 GMT
etag: "61d219c2-31a7"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTSXxmlUxSsQ%2FDEMKTzKZ5r4YNHN0CqLgOdh9g4GpMTZx0V4Jo6%2FD6kqTv2YBPY3DyDsRX%2F2XKkRzTP%2BHlxlZ9OslGmQgiOu4A72BI7N%2FQ2pR%2Br9BSgEzhARCPfwWxm%2BqwEqJueSRiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547768c75696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 175x230, components 3\012- data
Size
13 kB (13014 bytes)
Hash
a11439d7cb4dfa46224057206285d00a
f0d3e2571be0c78fdadfffeb56017a89706ddc98
b5e16494e8906f1685aa6d60c3fcd64a66bc8cb5ad5d43a2b6409b013ca999fa

HTTP Headers

GET /wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 13014
last-modified: Wed, 12 May 2021 23:03:10 GMT
etag: "609c5eae-32d6"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwEAvqMwoXPVnGOZJmTNjZZO9gsrz4kFwWUhBgFLCVboL%2Fjtqvqg%2FksJCnLttIg8cmVwRU6abmIQ%2Bm%2BDMlw5Y9PetZfX93TYidflz4Zqy7cM1QhDA4yJkOi51aX4WNAclVFovxtq3JM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547768c65696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 160x230, components 3\012- data
Size
11 kB (10751 bytes)
Hash
5c10b9f12a3fece56f5d97af5bf98286
da7c67fa9b2d6d0bcbb97c0d292720cdd69a763e
cca27b22b031817832cffcf77e5fec71ed9994646bd66292c20bb40db0351953

HTTP Headers

GET /wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 10751
last-modified: Wed, 12 May 2021 23:03:26 GMT
etag: "609c5ebe-29ff"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysL9gjdGpb%2BWtt8xHYGSwCa5drxuqNOqfuveNNWB0eoAqfMTdBvkDzxyQQcumfAm5SdFuAs87MVjV4VXcJQwN5nMK%2FlWW5k4yNkjDvWB5%2FalScp3QAVI%2BuWjN1v7eZndmUmtsCwdvjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547768c95696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x300, components 3\012- data
Size
11 kB (11025 bytes)
Hash
8d86325b59adebbd2d6ea02ea1c228e4
8c8dacdce14e73bbe790611e7c98a1d60557a1ff
d7e40a619c424f15076931e268394119f2dfc60d3235209b3204e46e62c542ec

HTTP Headers

GET /wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 11025
last-modified: Sat, 08 Feb 2020 22:49:23 GMT
etag: "5e3f3af3-2b11"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkWDv1AB6yLTKyrr15DSABRobq%2Bjr%2Fm9faOYMQCy2OsmRLSCJGRkQzczw0JKz1YaQWpEN2vtz09uV3k%2Btp7CynCdOYojoEQRPwqVMveXvo5MXfKhESqVn8SikesJTmuALq2vFrhghpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547768ca5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg

188.114.97.1

200 OK

10 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 161x230, components 3\012- data
Size
10 kB (10126 bytes)
Hash
6040acacdb10e7e62d804fdd354adec4
78236fdc48577de04e806b3274a1e4e59ddb475d
a4c3b0133433ef1d7ecf6dcffb53cc3aced0ebcfe3d5ed09dfea06e6516e5679

HTTP Headers

GET /wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 10126
last-modified: Wed, 22 Feb 2023 09:41:35 GMT
etag: "63f5e34f-278e"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLCKx%2Fg3EZMPcTeeGchcXPA9PiEfoiRxXl7NNurNDseoz8D3CkvgZtIp5Qb1JaX6PphW%2FqR%2Bf5QwInS2CXeF7RMv5kdq3iW5Xj%2Ff7gKdyUilbQCDFt6RA9yyUwz3o0ll2D4GbUwwVZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547778cb5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg

188.114.97.1

200 OK

7.8 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 156x230, components 3\012- data
Size
7.8 kB (7787 bytes)
Hash
99ab040939bffa5901fd39d871b18ff2
8a7cba6308bc1e5a44fc6531b72d0d47bcad1e7f
773e18cfee121c4a67741af4c977f3d594b316fe6b34866cd549efa565db1191

HTTP Headers

GET /wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 7787
last-modified: Sun, 15 Jan 2023 08:30:49 GMT
etag: "63c3b9b9-1e6b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbMEpYFLtTBfHve4qdp9iv5HxGNlkfWSY457tcNJ%2FLwqPXkZkekGJVaYglMCMdWtzrqAOYVXYijGY5YjNcYZVZfJPVPjK%2FUTeBOIEx%2BBFeA%2FzxRUuN9xB%2FdGRjD%2FZ3ZGvfAUtJk2rr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547778cd5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/04/tt8578458--219x300.jpg

188.114.97.1

200 OK

9.2 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/04/tt8578458--219x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 219x300, components 3\012- data
Size
9.2 kB (9220 bytes)
Hash
d69100191535c930a3a5b1a54e8360f8
8819b5ee51635e7aa5d6e4c25edc041ea62b8fa4
924eb4af2c37369d59e228926a2d5e845aabe7790b01ee32e6055dd4a51bf46c

HTTP Headers

GET /wp-content/uploads/2019/04/tt8578458--219x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 9220
last-modified: Sat, 08 Feb 2020 23:05:21 GMT
etag: "5e3f3eb1-2404"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XOcHRhMsJxG7I0qimS48OufTPK%2FNIDAZCXYJz9xOPA5iuCXi3YRtmijpX91BCyf1ckxhfdRUuinjsNri1JgPaM7h9u1NQOgJBnj%2BCAIO5bDrdSkwlrq3WimyhxnH%2BbueRJrrfxQjkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547778cf5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg

188.114.97.1

200 OK

5.4 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 190x120, components 3\012- data
Size
5.4 kB (5412 bytes)
Hash
20191a9c7596328ba7f743ca2f45c001
8563c49905de8c23eaf4814ded30d06fe34d3d2c
13fcba22591fb76da91f0cec2fafcf20c50c469c0b502534eff9b0ab091a9bfd

HTTP Headers

GET /wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 5412
last-modified: Wed, 12 May 2021 23:03:15 GMT
etag: "609c5eb3-1524"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpHsHI30Mm%2BrJYoRqE3C7ga4Zv8MWMD0jvjrtE0PNQ07O%2Bzjw2X368ZFzsiUx2kOqWjUMY1XS%2BHR9JQeOxCq7%2BZQPcZTVyTKChnpOpBp2bVALGrE%2FUbEThK4WE19N1zUHc3%2BjNKI91o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547778d05696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg

188.114.97.1

200 OK

8.4 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 236x300, components 3\012- data
Size
8.4 kB (8371 bytes)
Hash
40e5620f1188ae4fe9f509719575f439
bc4a85a0477f5e4f90a40b9a8ffe551ca9fce1fe
45255efd526ecb5e7191005223e56c9eb36b7f3fc71b4af652a8cb049d1698d5

HTTP Headers

GET /wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 8371
last-modified: Sat, 08 Feb 2020 23:26:45 GMT
etag: "5e3f43b5-20b3"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP%2FO%2Fxu4ec6ft3hyhtyugf6tvI2oSrrGXZKPJT01GcOaZMFvGCzbM6tfSXbzdXBzN5gzPE9cIwknKtFTSkEBCptjf28R%2FfnixP4zadPtM9zt9z2qTNJLZloi4z%2FisTdZvqRd%2F1d8u4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547778d35696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 153x230, components 3\012- data
Size
12 kB (11466 bytes)
Hash
261c5288bf3f726b36594a19b1f76b37
897cec4a7f65e9bbe7ddd3a10bb9d93d0787435e
687d6a2ede1621351e02ce50d2842a94dca4b69d2b176e3f886677c11ade434a

HTTP Headers

GET /wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 11466
last-modified: Wed, 12 May 2021 23:00:48 GMT
etag: "609c5e20-2cca"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MF5ym4UpCm03hw6SS13OP4ykAwpdyjAiZk4TusW5Vu96aEhn3i98pE%2F0X%2FkGXvZMwTWbDC8ijB9nu%2F3ud%2B9%2FQeY0mCrDl4qSUPn7%2BtPn2xO1AUf4k41o%2BlN7TVZ639%2BYyGJi%2Bw7QYGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547788e65696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
31 kB (30589 bytes)
Hash
c26c99918b2afb5ebb8d898bbe9a312c
2393c1f97bd04829a530e6830fce69dc297916a5
d59bce8d39d9c8214228442afe82d25d711d7e031d2ae7b4834c49e15d32dcd0

HTTP Headers

GET /wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 30589
last-modified: Mon, 23 Oct 2023 13:20:45 GMT
etag: "6536732d-777d"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfIaICs7iAwmydz9oDluWkayP2Lh7Fn8um%2FdYp3dmArBUHxt8DpdR%2Fb3oxDQgdGLjSGLZ9hK%2Fz2ihY5v3v8NkstlQ1Wj3Iwd%2BqKer2a3hjupt9p%2BdIjfLcPbQwPu%2BFxwqnMULY81gE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254794a1b5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 351x520, components 3\012- data
Size
41 kB (41444 bytes)
Hash
8e1a7ba40ebccf98607a52ed01099d59
11fa68dd7d574c0d4978a9edb04c9969280b3978
8c62e05eebc31d967e89266ef7cbc4c5a3df25ecb9c566dbc4b785e399ebf83f

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 41444
last-modified: Thu, 19 Oct 2023 00:11:57 GMT
etag: "6530744d-a1e4"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70B4g%2BuRRwxYVNlKc%2F%2FGPUpgT%2B3N7so89phaJfAMPXnrvWHSvOwrwz8TwYqfAw0HCoxj81vKDNRg3ejV2DzJu89ziHBs5NvZrf8Er9NgGOCLIP53FDms7B%2FOfqZaRCucV4xcgn23fe4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254795a315696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg

188.114.97.1

200 OK

43 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
43 kB (42630 bytes)
Hash
08481de7b5b10a028edcb2fdc077a028
b21201931ca085490d6361f35ae699770151f244
d36eef0da2168beb3bebefb2df8bea48e07767ffa28f809b6348d9e59b550b68

HTTP Headers

GET /wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 42630
last-modified: Fri, 27 Oct 2023 02:15:55 GMT
etag: "653b1d5b-a686"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HDs%2B8FWJDf0AUel226giyEVNxCUteFKFZlg7V6Njzu89QiKfWEdghfirKnuJj14%2Fd1PhbDOAAkkKLh2v4bt3BsNKQcWzWNshrmbxZ8bKWcc1Ku4xX%2Bg2nujNeZEu2VfSnY2c7AC2Oc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547919f55696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
28 kB (28156 bytes)
Hash
5e2f5cd626011da2f28d02d5db5065c5
af6f788ef249e692109e9f89f2da31d570d56993
65eb4906e85c60d40dafa7707db0efa4bc1befcf79ed14b2a01fcc567f9a61fe

HTTP Headers

GET /wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 28156
last-modified: Fri, 27 Oct 2023 02:10:22 GMT
etag: "653b1c0e-6dfc"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfWwaSoR0qkOI6d%2BipoTjQlyvkwFKW4UX7o74Ue%2FLtZI8%2FSZltjs5UCOzgaQrHORdNPGOBN8FQNHdahglNT6Hel4lnahSDFmwkeNGqez1BbeHrsBCfXAt1u60COgwo2dkLfotvhOLTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254792a035696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 356x520, components 3\012- data
Size
28 kB (28520 bytes)
Hash
8c783664506e085889015726884ce439
ee30db4ac496da8c42b097e779267299b98fa4f1
9bbf700cb2c48071b1483f061ee84d44b8468d5f5ac80565aae8b3e9fbef87dc

HTTP Headers

GET /wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 28520
last-modified: Wed, 13 Sep 2023 19:02:51 GMT
etag: "6502075b-6f68"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaF99vBzy9Bp4otcV1cTm7qxYb9mhxJ41rtwHAyNHW8gxPCWMHWctfW3gw46M1WBn3b6cqkg%2BeUWBH1taI2mCXjtyq9aNILulqsM3lB1FuCCwJX8pKw%2FbX%2BmVUOmKTxIZjUkRNrqx5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254792a045696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg

188.114.97.1

200 OK

39 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
39 kB (38697 bytes)
Hash
8982a81a6837550365dd7fcce562f470
e9e23e622e517a66dd1f8ac898f3893812263cdf
3bed454d902070596c062829364dc7e4bcc3347d62322777049c0ed0f73a7fa8

HTTP Headers

GET /wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 38697
last-modified: Tue, 12 Sep 2023 15:32:21 GMT
etag: "65008485-9729"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iOJVsaWjs9xwLghM%2FAcAcfYdEawsSfTCl44gV0vqB5Luw0TVCT0m5nRhmDeW4c%2FKdy60ze8yDjIMKzj%2BnxtqBsdUbyOw4ZpAE%2BBOk6aC6%2FY7SofIK8dKij8pqTdUcviIiABEbkd%2FoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254793a175696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg

188.114.97.1

200 OK

48 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x414, components 3\012- data
Size
48 kB (48194 bytes)
Hash
b800b4948b12699b76badfef794aae05
8efd66955642284ae008176e94260872b98afad5
0bc12f1af00ed9158976888f720b187f4149428a5054f7d9e7b988c7f2646c41

HTTP Headers

GET /wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 48194
last-modified: Sat, 22 Jul 2023 06:59:36 GMT
etag: "64bb7e58-bc42"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbniVt9pBp6HLcJj%2BZLSYV0Ep6Jln2Wj5suQyRmh47bmgi6Q2GbZ1eCi0B1w0UrLn4OLtJAYgBa7cl%2F7TIWWUafgb1I%2Brv1TXoYfVMGa1GgSp3UWOx6uYbQzgJc%2BBVcAW7w87l%2BSwBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254798a7e5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg

188.114.97.1

200 OK

44 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
44 kB (43906 bytes)
Hash
064c1262c6e9704832a4896aad3c590e
892ad6d078a455f68db9fa11ec847114e93a507a
669eb9b9abfeab970fb09b79b11aecefed4efbeed8499887b8d9150ed46c5276

HTTP Headers

GET /wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 43906
last-modified: Sat, 21 Oct 2023 12:33:11 GMT
etag: "6533c507-ab82"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFYJgDirR43UE4OjHGXWVvfxbPpcSBvy1XzyBvOFnskyqA3DezXwyQyjTYEjRHHK69V3jN5ejpZaHRUC2HnXhLEpQMxEjacltWB73LJgMcAhiEQ5fAQ5ztM%2BHoiaFTjUJPCOT3P%2B9wc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254795a245696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
34 kB (33742 bytes)
Hash
d6df7d569120750f17be453c4be250aa
2cd2920da01e700e6e14652cc83b2de136eb1f21
04d33e4506d764d9ccf19226b4155c1685cfd355af0457fb9060f6540291c545

HTTP Headers

GET /wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 33742
last-modified: Wed, 18 Oct 2023 18:06:46 GMT
etag: "65301eb6-83ce"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vU68BJOPNhlD4jSgn6Gk7KHQOSVnrZEF21a%2FuD1sSiAJ27CM8UVKIorFzxU8qvybCZvyPfUsnCsXcwakkviSHFoOmQfqCpE9uGP5k1ggx5LRaYGQwc2nLn24AuMxm1RqEG%2FlWtS6NY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254796a355696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg

188.114.97.1

200 OK

47 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
47 kB (46582 bytes)
Hash
9cc2884f862b74f03b39b8e024cfdfde
bb280b24e13649536f5c3788c838dc2b8fd85401
78e5a4818c72ee683a1680f0c24712170a549d2de4552e4c90ae679f7d913ad0

HTTP Headers

GET /wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 46582
last-modified: Thu, 10 Aug 2023 23:27:49 GMT
etag: "64d57275-b5f6"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1IsuQG69nKOhOZYRLx1CkSINFrv6e5vAfr7941dmatMEuKrZ5%2FCH0xmTp5R9iz9GQ%2BssZghiiCYPlSOqOZMcm24YE662vn3uvA5xzbWCZFgpxANGa%2BevnKOP3J%2B51XrN%2FKsaRp21i0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479aa985696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Virodh.jpg

188.114.97.1

200 OK

35 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Virodh.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Size
35 kB (35146 bytes)
Hash
e20489a3af557eb936e0dbc0d725adbd
0d850364bf0708f34f4ef921d9c09ca3209d8799
370c96723eff55d090844243faba8317b04391d07bcdab64c97accf17e26863c

HTTP Headers

GET /wp-content/uploads/2023/10/Virodh.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 35146
last-modified: Fri, 27 Oct 2023 16:55:32 GMT
etag: "653beb84-894a"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1809
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RrvRJNKbAwLzcuSuwibX0SllvzzKXOzTo4R04PTQSHIkErXUn%2Biu34jh6LrnYjyrioGNV9kOMa9A97%2B24WxnH0e3TXCpYz5HaZ%2FomSM85Bxt6OnJjFENq%2FwKBKFT9IEqMMEjdAON8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479aa995696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
28 kB (28131 bytes)
Hash
7fe12992569eb92a6095fdb64acf81aa
3da080ffa4450e5201c1d86c81242b69df572809
7acf86d2599ced4e2113c2c3129b23bbc93a3238bfd42c4906c6603913acddad

HTTP Headers

GET /wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 28131
last-modified: Wed, 18 Oct 2023 18:03:57 GMT
etag: "65301e0d-6de3"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgU5e9VR2cARohBHCYEihqXPgUdTyObRxx56FtLYfyxAxS%2Br4HfZ3ADjyIbWVTDN%2FaqooZwJ9EICcmehrTPy%2FQabHkI9HwoOY0gS%2B98POkb8WCXsfXU2QKdpI%2B8uwT0ZLSuY6K13cnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254796a525696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg

188.114.97.1

200 OK

22 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 354x520, components 3\012- data
Size
22 kB (21607 bytes)
Hash
8aa2f94d65469a5cbc129428bdb5304c
b72b1a3afb22adc32cb9e4b307a02a25712773e9
30acb97df5bdd4a219d0c7879e766453b3cfebe0a5526067a27ae3dcac5b407e

HTTP Headers

GET /wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 21607
last-modified: Mon, 07 Aug 2023 11:08:52 GMT
etag: "64d0d0c4-5467"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QklHEycQ3TNwoJ3DbBhAtSaOMcOrAc%2BfUL0hULgxGMHSoZ8IdEdul8cIcyIbOPhxlvSHjWalcZrrR6%2B00dPnmnZOHjlxjc9Xp2C6csbm1jGV%2BKyQHP6yXlQXDFJ5NAsDfocn3HMreu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479ba9f5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png

188.114.97.1

200 OK

3.5 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3533 bytes)
Hash
54110064037a44285faf10b2cbe55e87
b2677d46ed052bfda6eecbb61ee5539349f5603d
c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23header/netflix.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/png
content-length: 3533
last-modified: Sun, 22 Aug 2021 16:56:59 GMT
etag: "612281db-dcd"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5164
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qX%2FEdQalt%2FlVLjteLTQ1ERyoNgUNYPfdTPQYLAIuvZv9dyYSCi%2Fg54Da7EiF43l6zPZCXdX33SKNdUmaB1eHDoAeXlKud6D8hzH%2B8lzaANGCXEly1KPgl5LWmuwPfX6HYWCJtl5EeHM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479baa35696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
36 kB (36264 bytes)
Hash
933216ae031fcf0933aa70047992cd8a
9f65049ae327c30c6bcb8c757307055d813be59e
1c7d5ff60a6d23445f6eb52ea3b93d6e27a05a33b2bc2dc66a41ecc4f1d29649

HTTP Headers

GET /wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 36264
last-modified: Thu, 01 Dec 2022 15:57:21 GMT
etag: "6388cee1-8da8"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0rn9ZPJv84ja49B1lyHUZNWYgrOHgCa55UAkjYpzN1%2FHLr0I53g3s0aYtapBZ4bNj9K%2BEh3vwM7blMOFRWWaK5n0X83YzrG3C39ihGru7yFEoNo1jSV6hgUKQx%2BfeNaf0%2FzY%2BQIpR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254796a5b5696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 346x520, components 3\012- data
Size
41 kB (41317 bytes)
Hash
8460ee1ca7561f8d685f6a8e21d33ac8
9b31446305757ea3c417d61a493bf47ffc4c13e6
72c171f7090aee222aa4aed13528a7fb22fb9c5ccad6d7a28658e7207233c9f8

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/jpeg
content-length: 41317
last-modified: Wed, 04 Oct 2023 21:49:41 GMT
etag: "651dddf5-a165"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUdrbIoVoAFyAJBwz224hfixhdwxH5ZiSQuyV0jqk4SxFaO3H%2B%2FjDti4tuAlV8LTN4GWySM%2F9Vy4JDDz03VZMR8NC8mCtgHikjm2fIppZ7Oa5PrqmRYFDORPcjLKPUEKhM1%2BvUlpDzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254797a785696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png

188.114.97.1

200 OK

318 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 370 x 463, 8-bit/color RGBA, non-interlaced\012- data
Size
318 kB (317920 bytes)
Hash
ca6b1181c47cbca0fac6ab96cceccd4a
c63705f575591cc76170b0801ecc19d81ce9e923
8984cf69986e5ad3b2da6bbf7c4b5624d9141603fd5525c819e9fd4f79bf3172

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: image/png
content-length: 317920
last-modified: Wed, 04 Oct 2023 23:10:14 GMT
etag: "651df0d6-4d9e0"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avFirRcT39nmknxPvYpJu1IPb6wLi8IQ7%2F3t9Sxk1gi9EsgNoqv5PclzIISkxHr2cHEsyoIYK585vNOieI7F1xX7%2FbKj8yeVCVaWIBuF1dSNAIW7QCBJL5pl4pJyqc%2F79VPihTTIxcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254797a7b5696-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c

142.250.74.168

200 OK

65 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (3026)
Size
65 kB (64695 bytes)
Hash
2198c8ba1f3df834430e57ae7cbf8612
af1360328da010acfb9cc6839a12fba73eef3882
e58bc04472f4909c8c6cdcb3192d627ee75f94a946bee341c3f1fa221f47474c

HTTP Headers

GET /gtag/js?id=UA-128370636-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Oct 2023 10:00:07 GMT
expires: Sat, 28 Oct 2023 10:00:07 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Oct 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 351x520, components 3\012- data
Size
31 kB (31027 bytes)
Hash
96cce6bc6bd524522b297bc10d3a0a04
3ced316567f6d0cc08f9484b4163061dadd8dcfc
9401447ef201759a5b0085aad1807cc978563fc72465e521c6c9a8ee1be2875c

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: image/jpeg
content-length: 31027
last-modified: Wed, 11 Oct 2023 22:00:24 GMT
etag: "65271af8-7933"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44UHD5Kzrb3vY3CV91CFoG7NMFm%2F2Z7CUfuVP%2BGIFY4swDx99Ha95HIME%2BDQgO6cveqmRVjON2y7KdXaCDivJwfOiWLaj%2FbAZAK%2FnKi6KJ0qJzckrCemwIqJHh0X96iNhlIQJJytv3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479baa05696-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Masterpeace-347x520.jpg

188.114.97.1

200 OK

42 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Masterpeace-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
42 kB (41902 bytes)
Hash
3cf8a844821407b2fb1e249c0acf94ff
4040d74750fab930e98154b07fd847de08fddb36
9bcc4ef167bdca2b47091f2cf9462cf86e11d4fed9a65deed181c2ff6c170be6

HTTP Headers

GET /wp-content/uploads/2023/10/Masterpeace-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: image/jpeg
content-length: 41902
last-modified: Fri, 27 Oct 2023 22:16:48 GMT
etag: "653c36d0-a3ae"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onuYrKjImz0YS4vB4HtbAc4T%2FPX3T5Lj4TZiPxrydnK5aQa6hZeXYzbDs3CslBf8Vwgf9HnVRb9BzbrJF9foPTbeMJD9k3znssmhA7ryssSc90SOmE59lrjNYSlRpHvMDaAZzXp3jZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25479baa15696-OSL
alt-svc: h3=":443"; ma=86400

mycima15.wecima.watch/profile/admin/

188.114.97.1

301 Moved Permanently

24 kB

URL User Request GET HTTP/3
mycima15.wecima.watch/profile/admin/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
data
Size
24 kB (23675 bytes)
Hash
026d751fedb2b7de20097d7d03dcc517
fa07cf683ee4b1b715f1db69447ba170c5454bc0
cbf18d56647cfbc61e3a350d195b025a8f65f4807ea1a6c383a686640ed94a10

HTTP Headers

GET /profile/admin/ HTTP/1.1
Host: mycima15.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 28 Oct 2023 10:00:06 GMT
content-type: text/html
location: https://mycima18.wecima.watch/profile/admin/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQLeWB%2Bv44vBGkmAk64uP1lKkYJdS0X8kRMiCBTCWzlT0TDQt%2BeDko2al5LLF7nXk2DZamU28DWEDvvnzxIPO8zSvHaqbgGYaL5KVjX%2FwhYzcQbtoEOxh8Owg%2Br6xOnUpB7XSkKuV74%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254715c575696-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
38ca03d608887f3e3858150c4fada171
5f5e322f720c2bc6fddb119c7cc268c9eb081ca7
e4bf9930417d7df2da3db9f5ac8eac12380d58099ae940f7bc7d87c684ba0122

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 28 Oct 2023 10:00:08 GMT
Last-Modified: Sat, 28 Oct 2023 09:05:42 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FnOnifYLxyj0R5AboXK67eP9KwiSGXwu3_WM0F2VQiIp9V81V3K_LQ==
Age: 3266

professionalswebcheck.com/stats

3.73.202.184

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
3.73.202.184:443
ASN
#16509 AMAZON-02

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
dd2bfadadb6c9b452a05a3aa7b116708
5851f073bdd3275624dc38cfd7195c88834387ad
0078af3d85606dbf47f3c1ddafed2ee148ea3d416e1e220dec286821129375ad

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mycima18.wecima.watch
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=6e9d8467-7c33-484f-9d0f-1d620a84fc41:3:1; expires=Tue, 25 Oct 2033 10:00:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/css/all.css

104.18.40.68

200 OK

469 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/css/all.css
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
469 kB (468818 bytes)
Hash
dd423c1ec219cbac0fa2cb9d3af87353
6235b1259a261f2b7dde04da1686acfd21200e5b
5c7e3c736d20682ce46bcbe8bbf6ae320fe486d72678cabfdcf245d2c3ae7dc4

HTTP Headers

GET /releases/v6.0.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: text/css
x-amz-id-2: 337fVZ4ZdAKxyzLnKE2d+X71JOK4Oe9XxTBYW44KQJLUzI1Pgj+HvUUa7hlvsA8Uwn/cBkw1fX0=
x-amz-request-id: G4RKZP5PY830TVGW
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
etag: W/"c8ccf9786058107114b343d52efb40bc"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 119574
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d2547a48430afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2

104.18.40.68

200 OK

358 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 357732, version 768.256\012- data
Size
358 kB (357732 bytes)
Hash
aca950cc283a103f77e0001fb67043b7
bf0d2965fbc75a8a23ca081c7094a95535d46ca6
d2d786476ddb1827a07bc0ac83e78cee6d262a16092b6064c166091132f09b65

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: font/woff2
content-length: 357732
x-amz-id-2: D897C38fvQ6akHiQjxPcSfuCCl2AWtJBzIDeA0eCx7hCZ9TlnYD2/9T0xNla6WUCHnP59IgDZXYDX+pDAHt8yQ==
x-amz-request-id: 9FKEB2TJFKWGHD68
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "aca950cc283a103f77e0001fb67043b7"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 25943
accept-ranges: bytes
server: cloudflare
cf-ray: 81d2547d2ea35690-OSL
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

28 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
Fingerprint5D:E8:2B:4E:1D:87:E7:D0:24:0C:11:4B:6D:AF:1B:8A:38:CB:A3:6E
ValidityMon, 23 Oct 2023 14:48:09 GMT - Sun, 21 Jan 2024 14:48:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (27794 bytes)
Hash
dcdb74a84033cb062fac67d00d2131b9
de814a6a30d0a96261ace16dfe5c199140c575ca
0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 4f07813acc0aec6f3199a33d05f77ce9
cache-control: max-age=86400
last-modified: Fri, 27 Oct 2023 10:30:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 29 Oct 2023 08:57:56 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5vBDxuDtJtCJ03v9oKTWsyLQNo2bOaqRoIGGt0OVE1HNSfSLm%2FdswwqGC6VAJn01rZVOR5VDjxWLg%2Bsr4vOLyf2OkPAC7IoDlotOoOC6ktw81Per26vteKPl0xMnHuy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d25477eaba5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.162.2

200 OK

132 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.162.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
132 kB (131826 bytes)
Hash
2d0450888479d4ddda305bd96206b240
5b4595aab1cd3f854718e05db9be0c65a12ab2f6
44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e416d8182803b33cedc79386700f7d15
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 10:00:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO0OQ3g7VZ6wV4bBlw2TA48qDUPtkqzRQnWo9fT6qqLdLApMGIkJqaspgUA1uGgUIdnvSOcYUP414Qe6DT%2Fudo3%2FswgXmqQyoPyVdR1inZ8gpaj1%2FPrDfjjP4hXMRzkC44JJHRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d2547c1f3d60f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nutsmargaret.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=957&bv=23.10.v.29&tmpl=70

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
nutsmargaret.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=957&bv=23.10.v.29&tmpl=70
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectnutsmargaret.com
Fingerprint11:3F:CA:B1:C6:D7:00:98:5A:27:52:C9:43:06:8A:EA:06:32:CC:21
ValiditySat, 23 Sep 2023 00:43:09 GMT - Fri, 22 Dec 2023 00:43:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=957&bv=23.10.v.29&tmpl=70 HTTP/1.1
Host: nutsmargaret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Oct 2023 10:00:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

my.rtmark.net/gid.js?userId=1f6792cdb425498abb0c0b91c12ec584

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=1f6792cdb425498abb0c0b91c12ec584
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
a38006de4e8eaf22e37b91551c3b7d72
0f0b103199078e229bca1ec6bd599b8eff7945ad
d7a5dc98fec4d9f0a43c9e9e64942f66522d4620bf29ce0f4ebe16df3f005487

HTTP Headers

GET /gid.js?userId=1f6792cdb425498abb0c0b91c12ec584 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1f6792cdb425498abb0c0b91c12ec584; expires=Sun, 27 Oct 2024 10:00:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

172.67.219.12

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.219.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 4d2991218c48fc0b4c0d99b6c5673842
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 10:00:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5sYHj9Zly9ME1T28jaJGuf1QRx8a%2BlcOcYtHkSsAiSE6gJOvYB58sseq62lEBOuqM%2BQ5TUCGtq4QROhsu5DULSoJXSz%2FuCQJdODo6g8pchUt7iREqXlicSVgaccwLebrRB5JdGK7w%2BYPmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d2547dd9a856b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cameesse.net/1?z=4967771

139.45.197.242

404 Not Found

7 B

URL GET HTTP/2
cameesse.net/1?z=4967771
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=4967771 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=3a94411aaf0449c8854dacdd69b290ec; oaidts=1698487208
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 19b276da67175934e8a11fe0fe9a453a
access-control-expose-headers: X-Sc
X-Firefox-Spdy: h2

gishejuy.com/400/5097541

139.45.197.242

200 OK

44 kB

URL GET HTTP/2
gishejuy.com/400/5097541
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
44 kB (44302 bytes)
Hash
0f70d36bb5db396ae67838dd72169fa9
aa6923b63fffa99b309366e64861caaabd3e03d5
702abcaf9bf1cce4fc36d8e55de522f6f895757b505c411c5acda34892278527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/5097541 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/javascript
x-trace-id: beaabb528307e68a0902c6e98dd7b24b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=3bc9f0c1623e4d478da4a5895a1fc502; expires=Sun, 27 Oct 2024 10:00:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

301 Moved Permanently

155 B

URL GET HTTP/2
wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint38:85:67:EA:CB:D5:AA:EA:AA:13:D8:8E:A0:F9:5E:3A:EC:0B:54:66
ValidityThu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
155 B (155 bytes)
Hash
42c394b8f0152b372537ace9acc3f7bb
1219c55c4e3ea109c473aab65deb81f09a0fe0a6
6aaad3365c30c4f8d2504e569527e588d33eeae66dd7045bcfeef7413820db2a

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: text/html
location: https://mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
cache-control: max-age=31536000
cf-cache-status: HIT
age: 714
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3pQ1otTUX6kTh6mR5dshockNV5PVPSE3P7O6%2BVtd0C8tCZFpkEeYWzjWS%2F84%2FhVKK4EKQB%2BrVTMqSuhJuI0cSG8Z1Kh65m3c4DG1jRkrF3u6z%2B3c%2ByijQiYHIKOjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d25480c9efb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cameesse.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=1f6792cdb425498abb0c0b91c12ec584

139.45.197.242

200 OK

7 B

URL POST HTTP/2
cameesse.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=1f6792cdb425498abb0c0b91c12ec584
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=1f6792cdb425498abb0c0b91c12ec584 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 429
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=3a94411aaf0449c8854dacdd69b290ec; oaidts=1698487208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 48e9e95b9b952b26d8a58e5494f66777
access-control-expose-headers: X-Sc
set-cookie: OAID=1f6792cdb425498abb0c0b91c12ec584; expires=Sun, 27 Oct 2024 10:00:09 GMT; secure; SameSite=None
oaidts=1698487208; expires=Sun, 27 Oct 2024 10:00:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

mycima18.wecima.watch/page/2/

188.114.97.1

200 OK

357 kB

URL GET HTTP/3
mycima18.wecima.watch/page/2/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51164)
Size
357 kB (357309 bytes)
Hash
e12387dd0a9506baca37547fbf673b14
96249321ff6f8fdf7db5aa745e1953692e466125
1bdfa2da34e8b09a21ff35e10c0b10d911288b014c4e37626128e21aa7634be1

HTTP Headers

GET /page/2/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_main_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_exp_5aab22948fc5f2edc2ca37dff2cd916f=1698490809492; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6e9d8467-7c33-484f-9d0f-1d620a84fc41%3A3%3A1; prefetchAd_4796941=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 28 Oct 2023 09:39:29 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S44At020lh8Fxb13%2FQNPSQ4hfCJA%2BVPldDIRstuUsXRjky%2BtegpRAOd6a6FzL1rfu%2B%2Ba2IHG2Ikc9OrdyX1Ne7MeLEGZ1hMqNJRxCU2RwjM9gKJgfNsygPAL9I6Pv5x7PXBOeHH2UAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25481e9b35696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6c02bf94763b496de027adf28b04c6d8
390fd6962fd36c85c96444368fccd33870f1c254
0a3e0a82a33637a137608e06e11219d73920787c82fd833f6dd14225fb1af1fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 28 Oct 2023 10:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Oct 2023 15:49:38 GMT
Expires: Wed, 01 Nov 2023 15:49:37 GMT
Etag: "390fd6962fd36c85c96444368fccd33870f1c254"
Cache-Control: max-age=366169,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81d2548308aab52d-OSL

cameesse.net/1?z=4807448

139.45.197.242

200 OK

157 kB

URL GET HTTP/2
cameesse.net/1?z=4807448
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
157 kB (156658 bytes)
Hash
d9a31f7a5feea3a764f0c24ead5d3fc2
9cf900fa1d2727576d3346a1729bb4e2509d89bb
a3a1c4ed11a5f5e0198e4d428879a7026fc282f87815e579a1b365330c56ef91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=4807448 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 88a60e46aa86fda9867a70fd66ea3f92
access-control-expose-headers: X-Sc
x-sc: Srtflj6WgyzAmuuxyDAtzdZYDU0fGx7_X5STD3PsBDjBsWqs7dNWW6AsQgeyschRBixD4Uv4u7AeXlBgi86tb7kBtiY=
set-cookie: scm=1; expires=Sun, 27 Oct 2024 10:00:08 GMT; secure; SameSite=None
OAID=3a94411aaf0449c8854dacdd69b290ec; expires=Sun, 27 Oct 2024 10:00:08 GMT; secure; SameSite=None
oaidts=1698487208; expires=Sun, 27 Oct 2024 10:00:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=6e9d8467-7c33-484f-9d0f-1d620a84fc41&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=6e9d8467-7c33-484f-9d0f-1d620a84fc41&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=6e9d8467-7c33-484f-9d0f-1d620a84fc41&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Oct 2023 10:00:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa781cda70fd89ccb64633d0abf8a0f7
Strict-Transport-Security: max-age=0; includeSubdomains

alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js

173.233.137.44

200 OK

60 kB

URL GET HTTP/1.1
alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectalteredyacht.com
Fingerprint19:5F:34:04:D0:B1:63:4D:D0:A6:04:B1:17:7A:5D:BC:5A:49:1F:12
ValiditySat, 21 Oct 2023 06:12:09 GMT - Fri, 19 Jan 2024 06:12:08 GMT

File type
ASCII text, with very long lines (60281), with no line terminators
Size
60 kB (60281 bytes)
Hash
f6096844f09ac08b823a15ee0dc2104e
78dcf4d41df2339bcd2eced62e3a8cb96b05283c
b4dde445711f239c3c6f956e56e84fd148408c2d2243a27a1bf96a1891903fb0

HTTP Headers

GET /5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js HTTP/1.1
Host: alteredyacht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Oct 2023 10:00:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b80872c9b8dda56acea40d0b98a744d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2

104.18.40.68

200 OK

304 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 303544, version 768.256\012- data
Size
304 kB (303544 bytes)
Hash
78863e0f6e65fbe6175866e6d5b6f18a
8cda0fc2a701bd6dcfaa94261178fa78df1d15de
82877c6d33c5d786db4815f756437c3e853e08bf8c6c267fd246760d2a96d029

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: font/woff2
content-length: 303544
x-amz-id-2: UGQ6xSihhhcTLCiKRxRP8XCynEaXxy8BLCuCTEpnjMXLywu4ZpFA4LQNDXRu5e1XmTzwnsyxVTCweqOtpRYFzw==
x-amz-request-id: 9FK5PMR4E6M6HH88
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "78863e0f6e65fbe6175866e6d5b6f18a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38314
accept-ranges: bytes
server: cloudflare
cf-ray: 81d254828ad15690-OSL
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2

188.114.97.1

200 OK

153 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
153 kB (152752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Feb 2023 19:31:57 GMT
etag: W/"63ea902d-254b0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atX%2Bi%2B1DhIFJRMzfFpi2qDbMrQYk79fXsubF7Zkwj%2FX4eNcQ3p93Sl9LJ7ktRqWAXJnuMN2uoemBWAEMmQyiaS84MpGUQ0%2F41qDkAMVjzxJR2inixdkoZ73a8oTqxo%2B5ZOHf8wF2Rvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d25474aeab5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2

188.114.97.1

200 OK

291 B

URL GET HTTP/3
mycima18.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with no line terminators
Size
291 B (291 bytes)
Hash
2485a0fab337da61deb41cc4aa994c1b
af1a1d4c6b7c287dc881dd4f46b6b547ac5a5353
7e0bdafc01d81aed845a69d0a32120145155f75aca4c603d8952de7ecc5c6410

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 18:55:51 GMT
etag: W/"64822437-123"
cache-control: max-age=14400
cf-cache-status: HIT
age: 813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0T1URhjDHU8XNP6XpkoeYNj4oU8AliP5EtXzIKzTZy0o9m3sn0wsMGUj9z2RAzKMmbPQ%2BR%2BRJDeUuVJ6DGh7Jo6zs2Cl3cwXcjiu9C5LDCL%2BUPPKdn7r3ftE2BOwN04bDaWkZOqEyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254749e9a5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (95124 bytes)
Hash
fcdee094e98d38fe380e1b5aad9bf444
d0ea8bb98673c7daa2da3af292eeea39a4f7479a
ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-17394"
cache-control: max-age=14400
cf-cache-status: HIT
age: 812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgj5elH0wUgkkW2bCFTIBzsi92SSdGreIksssNKKW1D2zzue%2B0wqxDi36aX1dOYOt%2FSOzoGbulEdakfB874EwtQHt0maqplumgMwNxBI3Z8qgxwfOHSxdEyY9jHt0E8ehKefG6CR2iQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254749ea15696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima.mx/profile/admin/

104.21.1.124

301 Moved Permanently

351 kB

URL User Request GET HTTP/2
mycima.mx/profile/admin/
IP
104.21.1.124:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectmycima.mx
FingerprintD9:E7:4E:00:63:45:86:65:12:52:C7:31:7C:B5:58:AD:8D:E7:72:F5
ValidityTue, 24 Oct 2023 03:55:42 GMT - Mon, 22 Jan 2024 03:55:41 GMT

File type

Size
351 kB (350932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /profile/admin/ HTTP/1.1
Host: mycima.mx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 28 Oct 2023 10:00:06 GMT
content-type: text/html
location: https://mycima14.wecima.watch/profile/admin/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB16VjrXBtI4LYfj8Z%2FqcTcCnQPMZwWSgQ%2Bj%2FN%2BJE3xp44rtaGWvecnMJh8t8FOtzSpByTEM4Tscj11dR7wkv3lv0ES3j8vD%2B3nA7zWSX93VJxRMqYFWWw9JdGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2546ffdc75699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima14.wecima.watch/profile/admin/

188.114.97.1

301 Moved Permanently

351 kB

URL User Request GET HTTP/2
mycima14.wecima.watch/profile/admin/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
351 kB (350932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /profile/admin/ HTTP/1.1
Host: mycima14.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 28 Oct 2023 10:00:06 GMT
location: https://mycima15.wecima.watch/profile/admin/
cache-control: max-age=3600
expires: Sat, 28 Oct 2023 11:00:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RGNL1U1HSjalTo8ySRWpzIVM2cCTiBIMfxsqn7Z5jXiPbLz%2B4qCmN5ZYuwjB0LAYzUa4PzrFguBrPawIYUCdyRwKTzow6bkVb4Wx9YJm8xLo0%2BrVOi4lZVY19lTdrCid17fEzZRXNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254709b83569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/

188.114.97.1

200 OK

351 kB

URL User Request GET HTTP/3
mycima18.wecima.watch/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
351 kB (350932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:06 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 28 Oct 2023 09:38:53 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHBMEj1PLo%2BUBCPx4JYtaQnsAH5OBqyDWqgnaoKBps7v7J%2FZ6kIlHEJIgymACyJo20mdl%2BOvYrTEUgzl8Cn4fMPOsnhymzmr5iKPupqGWHG9X%2B4EUiQbZmmZ2GCa%2FxcKSeJmkx1LiaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254721cc95696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/AjaxCenter/RightBar/

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
mycima18.wecima.watch/AjaxCenter/RightBar/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86672 bytes)
Hash
ef8dbce000adc143e2c3ac9e936e5e52
2e0cc488722bc0d47b79c71a80e89ddd6b53e698
cc27ad7e00afdeac1dd29768484881275dbe1a6c7863ff54d22eef18039def4f

HTTP Headers

GET /AjaxCenter/RightBar/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_main_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_exp_5aab22948fc5f2edc2ca37dff2cd916f=1698490809492; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6e9d8467-7c33-484f-9d0f-1d620a84fc41%3A3%3A1; prefetchAd_4796941=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sZuxFdjboFe8GiYUa3ZJ1racLGQopRul8X%2BmR4KfK17%2F4WtOuyCIKjDmamzvFd%2BvBorHyqWdIBVQ83RlEIuLtCvFpwzZyAzOSYNsExnYJCyEfkbTYWvoIDNT4QdVeuWuqcfxfqxQSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25481a9895696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04

139.45.197.242

200 OK

412 kB

URL GET HTTP/2
cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with very long lines (65523)
Size
412 kB (412537 bytes)
Hash
e3d10345a5e4f16d7842e70768393edd
96f2cc5910d6179f94a71eb9710d24504bb4b5c8
105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27/1a35f96fe99c6fb6ce26f56167ed6e04 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=3a94411aaf0449c8854dacdd69b290ec; oaidts=1698487208
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 033af7d5f97ce40b4ac8b0256314b770
cache-control: max-age:290304000, public
last-modified: Thu, 19 Oct 2023 07:17:48 GMT
expires: Thu, 18 Nov 2083 07:17:48 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1349
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 28 Oct 2023 10:00:14 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mycima18.wecima.watch
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

mycima18.wecima.watch/insights.php

188.114.97.1

200 OK

35 B

URL POST HTTP/3
mycima18.wecima.watch/insights.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
6b652cac01878c3fd56eb6144f8ec758
2fb0dbad10a7c55b807ebc198e20ed61e8e1569f
95eff1092198a47f11a7261d5419945c9b7745f457589fc3c9f1cbac4cd5fe95

HTTP Headers

POST /insights.php HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 12
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jz7e%2FB1vAFq3JtnN0AvLOA4U34qnm0s9OTineMo37DpRrNPbkBC05W%2F4laI9bQXDdPop%2FOOx7JpvwwajYBWuM8KNpmG7WqYhoHGzARe30Qqyd%2F2WEuAUG7DWHHQappA32u5MJrjLIfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d2547688095696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

groorsoa.net/?rb=z6qOATXDA_XuZjufNgHXWjUB9h486XeHB8cp0K46WFgWJ-LBQW45ApKX4C_2Faq50-9QZdJ9k1_Ec9H-6SPEjZERuGbumzycpUNf5Q-Ax8bxdpDA9vwC9HvDUu7sikhiIWgvIvZQcTJlQ_SxgKqGNbZbMoTv6SyShdhFMBRF6P_0aTYIKdAxduYxJ6G6x6Eu_u91Ij9Cvd3X5mwFcxEsCwmLJTW8zZcwB6nDsg%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.615.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.615.0&bs=9886118a-9cd5-446d-a7a4-224c466eb826&userId=1f6792cdb425498abb0c0b91c12ec584&m=link

139.45.197.245

200 OK

1.7 kB

URL GET HTTP/2
groorsoa.net/?rb=z6qOATXDA_XuZjufNgHXWjUB9h486XeHB8cp0K46WFgWJ-LBQW45ApKX4C_2Faq50-9QZdJ9k1_Ec9H-6SPEjZERuGbumzycpUNf5Q-Ax8bxdpDA9vwC9HvDUu7sikhiIWgvIvZQcTJlQ_SxgKqGNbZbMoTv6SyShdhFMBRF6P_0aTYIKdAxduYxJ6G6x6Eu_u91Ij9Cvd3X5mwFcxEsCwmLJTW8zZcwB6nDsg%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.615.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.615.0&bs=9886118a-9cd5-446d-a7a4-224c466eb826&userId=1f6792cdb425498abb0c0b91c12ec584&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectgroorsoa.net
FingerprintD7:6E:83:AB:7A:9A:E5:7C:B8:7B:8D:12:E4:FD:B6:E5:71:49:D0:F8
ValidityMon, 23 Oct 2023 16:34:15 GMT - Sun, 21 Jan 2024 16:34:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1706), with no line terminators
Size
1.7 kB (1686 bytes)
Hash
4076b1f4863f5eb4c31075a5f4c1173b
a503dad8da17ad0c64eb31b3aba16b8d30c7099d
a72679b91c7ae8f2ded06f6f688ca78fbd6ad0725054f1c61d1d5c052953154b

HTTP Headers

GET /?rb=z6qOATXDA_XuZjufNgHXWjUB9h486XeHB8cp0K46WFgWJ-LBQW45ApKX4C_2Faq50-9QZdJ9k1_Ec9H-6SPEjZERuGbumzycpUNf5Q-Ax8bxdpDA9vwC9HvDUu7sikhiIWgvIvZQcTJlQ_SxgKqGNbZbMoTv6SyShdhFMBRF6P_0aTYIKdAxduYxJ6G6x6Eu_u91Ij9Cvd3X5mwFcxEsCwmLJTW8zZcwB6nDsg%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.615.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.615.0&bs=9886118a-9cd5-446d-a7a4-224c466eb826&userId=1f6792cdb425498abb0c0b91c12ec584&m=link HTTP/1.1
Host: groorsoa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima18.wecima.watch/
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Cookie: OAID=1f6792cdb425498abb0c0b91c12ec584; oaidts=1698487208
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/json
x-trace-id: cdf02a9def0427e6b6ab68b1663a3b53
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=1f6792cdb425498abb0c0b91c12ec584; expires=Sun, 27 Oct 2024 10:00:08 GMT; path=/; secure; SameSite=None
oaidts=1698487208; expires=Sun, 27 Oct 2024 10:00:08 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 04 Nov 2023 10:00:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2

104.18.40.68

200 OK

105 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104740, version 768.256\012- data
Size
105 kB (104740 bytes)
Hash
27ed7b486bfe3163c0d312b6d2aa9069
97cb3773774b591841557c859b0f1b4b1b1cde09
fb347c28258cfeeb9b0904c469d8049fcb2ad4d1bb5e4c9601e0edda3b76bb69

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: font/woff2
content-length: 104740
x-amz-id-2: c/aTa4YryYy+s55A5OWmh1xMPgsglmJpvYUbER/C9EYF5K3aJLZLOHnFb1dmMMWfontemfiSramaUGjeFKL5cQ==
x-amz-request-id: 9FK1N4E1WSV6BC9C
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "27ed7b486bfe3163c0d312b6d2aa9069"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38313
accept-ranges: bytes
server: cloudflare
cf-ray: 81d2547d2ea75690-OSL
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 271 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5499 bytes)
Hash
de6cab0eb34528ddc75c0bba91468367
805566b4421a52ccbc7ddea87282ce4df241f64e
ab33b59200764ca718a5f977d0eccf57c27d02560c59ba3a9b12af1819b1f7fa

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima18.wecima.watch/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487208.1.0.1698487208.0.0.0; _ga=GA1.1.1634591054.1698487209; prefetchAd_4796941=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: image/png
content-length: 5499
last-modified: Mon, 13 Feb 2023 20:21:20 GMT
etag: "63ea9bc0-157b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcx3s6D9mPY8o6TEfTCtljGtsVZvx8IokYU2droan87GWbcjmggxVwI8tpd5MqTr5bsT%2FWDSfquS3olX8gwYEyB4NLFaESZqYFMUsVK2UqVhjdmRlZQRPvHrktk1Am%2FX79MbZQ8mnaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d25481392f5696-OSL
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:09 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STpmv6vDXW%2Bq7xRDPJLzrnFb8I989uhq7a%2BHkYrjvLF87RxlV9cTr88geDfz2MbwQxIYIhj6N%2F67f6GjTL%2BYk49BcZdCmYVYLY27I9ln%2FvxyLI7PAmmWwf8dzlqYGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d25480c9955693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2

188.114.97.1

200 OK

88 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (88059 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-157fb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZKP3shJN49W83aZXZ5MnaEDa88xMjdhg9CEhyRUO33EHU8bshAUOP5zhVF5UsXALMcuIseSBFLboFvJfNjvtiiN4m9fUSUGCHw%2F7dVF33Jw%2B%2FHOVkJbaQDamZFBAIkoy0azpfIEWx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254749e9e5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

groorsoa.net/5/4796941/?oo=1&js_build=iclick-v1.615.0

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
groorsoa.net/5/4796941/?oo=1&js_build=iclick-v1.615.0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectgroorsoa.net
FingerprintD7:6E:83:AB:7A:9A:E5:7C:B8:7B:8D:12:E4:FD:B6:E5:71:49:D0:F8
ValidityMon, 23 Oct 2023 16:34:15 GMT - Sun, 21 Jan 2024 16:34:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3070), with no line terminators
Size
2.8 kB (2830 bytes)
Hash
1487286c5dd7dd4326ee729afbd42617
8a6925d251f394409f096917c60551069b24f0b0
da457566e7bcbeb52058d53db846189ddbf2764cced3eda3378e9f735ae42168

HTTP Headers

GET /5/4796941/?oo=1&js_build=iclick-v1.615.0 HTTP/1.1
Host: groorsoa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: application/json
x-trace-id: f97b502428a147b06b2c209cfbaadfc3
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=1f6792cdb425498abb0c0b91c12ec584; expires=Sun, 27 Oct 2024 10:00:08 GMT; path=/; secure; SameSite=None
oaidts=1698487208; expires=Sun, 27 Oct 2024 10:00:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2

104.18.40.68

200 OK

392 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 392136, version 768.256\012- data
Size
392 kB (392136 bytes)
Hash
2cb9262f4870f225de120af23500828a
0330732496c970248a96c6df732b4b6e8407246f
d9c0c73c3e6a75d59ff20ce5e1d4bdec5ee8c6f2724ff0deb6cddb8f7f207dbe

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-light-300.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:08 GMT
content-type: font/woff2
content-length: 392136
x-amz-id-2: DpcG0HPBOIEQ5aI844Ay2iRxnq48H5XaLxRL3O4duG05qEkh3BeTNVAtB31kd/FR1BubmMpZ5yg=
x-amz-request-id: 9FK3PVV9VKEVCJ2H
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "2cb9262f4870f225de120af23500828a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38313
accept-ranges: bytes
server: cloudflare
cf-ray: 81d2547cae545690-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN