Report - ciimawbas.mycima.cc/watch.php?vid=34051d987

Report Overview

Visited public
2024-10-19 22:59:25
Tags
URL
ciimawbas.mycima.cc/watch.php?vid=34051d987
Finishing URL
ciimawbas.mycima.cc/watch.php?vid=34051d987
IP / ASN
104.26.1.218
#13335 CLOUDFLARENET
Title
مسلسل The Vampire Diaries الموسم الاول الحلقة 9 التاسعة مترجم

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ciimawbas.mycima.cc	unknown	2022-06-21	2024-10-16	2024-10-16	30 kB	1.4 MB	104.26.0.218
i.ibb.co	13485	2010-07-20	2018-11-25	2024-10-16	401 B	5.5 kB	162.19.58.158
exptlgooney.com	unknown	2024-08-05	2024-10-16	2024-10-16	366 B	1.2 kB	23.109.170.82
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-10-16	488 B	32 kB	216.58.207.227
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-10-16	463 B	88 kB	104.16.79.73
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-10-16	432 B	748 B	139.45.195.8
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-10-16	391 B	226 kB	142.250.74.168
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07	2024-10-16	1.4 kB	139 kB	104.18.11.207
augailou.com	unknown	2022-12-12	2022-12-12	2024-10-16	2.6 kB	42 kB	139.45.197.243
goomaphy.com	unknown	2022-07-21	2022-07-22	2024-10-16	885 B	96 kB	139.45.197.239
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-10-16	398 B	97 kB	216.58.207.202
code.jquery.com	634	2005-12-10	2012-05-21	2024-10-16	384 B	7.8 kB	151.101.2.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-19	medium	exptlgooney.com	Sinkholed
2024-10-19	medium	augailou.com	Sinkholed
2024-10-19	medium	goomaphy.com	Sinkholed
2024-10-19	medium	goomaphy.com	Sinkholed
2024-10-19	medium	augailou.com	Sinkholed
2024-10-19	medium	augailou.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (78)

	URL	From	Size	First Seen	Last Seen
	unknown	EventHandler	76 B	2023-09-16	2025-04-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-09-16 20:44 Last Seen2025-04-11 21:47 Times Seen52 Hash d08ec3727b4fad85077224f00f1f67f2 bead26a017f0f1b72546b9e79dd6d4d4a3892406 8f4e1969f21beb69afc68014bd65c79ceb036ec71ab474e6b3e635a431447a06 Loading...

	unknown	ScriptElement	478 B	2023-03-07	2025-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-27 09:08 Times Seen98 Hash b6ec630beba5aa234f361049d0162851 40852e09b7e6202ef51b85ecf775694b703442d7 79fdb7c25e266e76ee0ff619f2487f81f0b97bed193c569362bdd39d5dc6c859 Loading...

	unknown	ScriptElement	291 B	2023-03-07	2025-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen158 Hash 0b5c6ecfd31b214438c017f7840cab7d 5b0d464bbab33735e654f6d0b47dd2bcd47f8e5c e0d679f66eea8fae589016f89ff238618cabb4b802add68fcbf4d70498356ea1 Loading...

	unknown	EventHandler	174 B	2023-09-16	2025-04-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-09-16 20:44 Last Seen2025-04-11 21:47 Times Seen57 Hash cef9ef08881204e3ef62e82e0e24b74f 343dfaece2635476c07686eb438332a7508b467c f77345c42a5fdb2974f4d8b34c5411ede828d59d9f7ed6c54a61b225956e4d5e Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 69c9e35299193647dbcebc4ceaa8b67c 4a0ecee63caf2b1ef7c5caf8749360a53e8380c7 99a233b450209ffb495d90642aa05b3e5324baa65e58b43b366ce5423d4c95d0 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 3511573e3a56717ddac3e4ae76169ae8 232a78eeb70f47984b7c8ff314f1d15808643519 7280c0290789c51548c575223c6e2e8481284ed9fce3cf697c31de18d30bca25 Loading...

	unknown	EventHandler	175 B	2023-05-22	2025-04-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-22 10:21 Last Seen2025-04-11 21:47 Times Seen55 Hash 73335bc9af4db078d91fabf3d09afd60 f8f429e1321d743a9960c23068293da3e4d59d49 8304f9320cab62e4e35bf1ba5a8aa0ea09aff50f633a7751f0572659018a36aa Loading...

	unknown	EventHandler	76 B	2023-09-16	2025-04-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-09-16 20:44 Last Seen2025-04-11 21:47 Times Seen52 Hash cb81e9dff459971b1ebf4ed31ed0ec2f 4652b085b2313799c8de7ccd921ac955cb9604fe fb8ee02baa99e01a2c06333a657a8c1eee8b5b7f93ff2e07f55d6eb847b50486 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-27
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-27 19:47 Times Seen52585 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	ciimawbas.mycima.cc/templates/echo/js/theme.js	ScriptElement	44 kB	2023-03-10	2024-10-19
Pretty URL ciimawbas.mycima.cc/templates/echo/js/theme.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:55 Last Seen2024-10-19 22:59 Times Seen33 Hash ec936f32dd9f5e2c8e3881703aa1ee95 48efb6cdbb051954b9265273247ea6675ddc15cb 35ff635a9e7b42762a78b36632593544829e2573d6ee8045aa14d01a7622b0fb Loading...

	unknown	ScriptElement	5.3 kB	2023-03-07	2025-05-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-22 03:32 Times Seen159 Hash 5d0f0b5b79e9f10c796e8a416e57dd2d acca3a159098bbc8a6313d6f496cfeef362c3171 452c276bbd878d6970a8f3a2b5ebea89fcc866c5aa58e5e56afcdc9c53c2b78f Loading...

	unknown	EventHandler	188 B	2024-10-19	2025-03-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2025-03-05 22:46 Times Seen4 Hash 4268906900ee4582dfec3052d947f70b d10c14afaeed176c4771513646325788b41d1449 db34197cc9e98235b58e79672430d96b821a67e0b7b44cdc2771a89f5bcc64c4 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 5649a1fc580bae37cf27e584a4133ce3 6f615d12b50b134c96753b923c51c494a35f50bd 1ebffee1d088650f6e426cef91de38e06a9bad422865c19bce9e76afce7d0d70 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash c1d1ba475c72caeda69d8f2b799ad35c d03a7c20b5417a9551b5912ef78136bcf3ac24a3 f0e4408f8813c0113dd043cdec834ea530e7d332e207e71d4996fcae2cd47d19 Loading...

	unknown	ScriptElement	1.8 kB	2023-03-07	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-04-11 21:47 Times Seen133 Hash 7bc2250f798e8dd30269772ee8cf4599 3fb3ed5ea1a5c052fa3c26e45d4abd3e722b9700 cda4eff9500a8b16f33a54c6cd1ce7d2ec3bf66cecddb63d9c736078916c5035 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash b33ffd0f057f57a0600eb49b66a1f7b3 bb15664b6a291ef0a48c93c8dbad86270a49aa9e d1b0bb99631d7faf4cb511f2921407e4bff41cb6b988e7361329c1f62acf09c6 Loading...

	unknown	ScriptElement	1.8 kB	2023-04-07	2025-05-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 18:47 Last Seen2025-05-22 03:32 Times Seen70 Hash f48799c490867e10bf3fff06b38a3657 06d3e0bf82b5259b96e54c501ca2fb9b1f503ebf 5936461d2e0d0feabaae55dda4e14f6e68fe759a2a8ef4350b5de96be8a111ac Loading...

	unknown	ScriptElement	176 B	2023-08-25	2024-10-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 21:17 Last Seen2024-10-23 22:55 Times Seen79 Hash a604d1494e55df24ad7c62a30cc0f058 baec845d909270888dbcde8945d9ed24c8b53fba 5ed57bccec3ae6d6233648e109470a51ab1afb262a3daf1d177aaf86b8a86b19 Loading...

	ciimawbas.mycima.cc/js/jquery.typewatch.js	ScriptElement	1.4 kB	2023-03-07	2024-10-23
Pretty URL ciimawbas.mycima.cc/js/jquery.typewatch.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2024-10-23 22:55 Times Seen93 Hash 127426292630387dbe0c8b903229a7d3 fe62c30bb3a0e02f549ee6323d55bfac5cf32239 04fd6ef5911c31cc109fa5cc24010a975df2fae28d156ccbfc849b7e844c11c8 Loading...

	ciimawbas.mycima.cc/templates/echo/js/melody.dev.js	ScriptElement	5.5 kB	2023-03-07	2024-10-23
Pretty URL ciimawbas.mycima.cc/templates/echo/js/melody.dev.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2024-10-23 22:55 Times Seen90 Hash 0465c9d8d0bd0da2a8a2a7a8945fb9fb 1cc25de2074cacb7cfb51e925be19510d8fefdfc c112a7633fcc9bf504030e0b6ac650aba21ed1198a5db17d74ddfd38ab3e248d Loading...

	ciimawbas.mycima.cc/watch.php?vid=34051d987	ScriptElement	921 B	2024-10-19	2024-10-19
Pretty URL ciimawbas.mycima.cc/watch.php?vid=34051d987 IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 61fa4ca299cfc67e351ad2d99b21eac8 ab734b12edbadaad1f0580fa409f3387eb9db807 37ea32603604dea2081ad0b03575331abda63b7bb330fdaf5a3d8839d73be8f5 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash f634f437fc52e7c650438a611b9c29b0 1a14db962f10a2c99d68a253fcd2a62ccd00d453 520b634b4f7c2a7db69df85063ca1b73b6237eb6599029c92e308044eb7f3cdb Loading...

	unknown	EventHandler	192 B	2024-10-19	2025-03-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2025-03-05 22:46 Times Seen4 Hash 3dd2b64ea73faa2269f02080fd437427 73e37e82001e83e70709145456894adb87485506 bf573559e2dfa50bc02f8ec819c61b8197443df5257d3ebfdbfeb895067070fb Loading...

	ciimawbas.mycima.cc/js/melody.dev.js	ScriptElement	16 kB	2023-03-07	2024-10-23
Pretty URL ciimawbas.mycima.cc/js/melody.dev.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2024-10-23 22:55 Times Seen97 Hash f2bf056198be59f92547935fd4c968f0 cba85174a3d6d68fcff3a2e6238f1d6150b58fce 244926b75ad193faf7a694c602d5819576e2d953dc43849395dedfa841f5ea53 Loading...

	www.googletagmanager.com/gtag/js?id=UA-150387825-1	ScriptElement	225 kB	2024-10-19	2024-10-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-150387825-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 09a3458d76191706d7212c4e93f3a6a8 1d9c1b53c39f9f11c965103796e7a76dcea1fe03 3b0abbcd9ecd57c7cb48459d00187ca38c12528c7abde3840ac1da813b60237e Loading...

	ciimawbas.mycima.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-27
Pretty URL ciimawbas.mycima.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 19:38 Times Seen31883 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 9edfd368b5d7880584f2774437ad8bc7 4c70b65595e273d93619ced27b28af628c89ac32 14d25de5977ea74d26b9306b155884aa211e2e31844563625529e205039a3c8a Loading...

	unknown	EventHandler	89 B	2024-10-19	2025-03-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2025-03-05 22:46 Times Seen2 Hash e2f5d373d3b03cd40b93a35daca6ef7d 0823a61926acfceb124170b3f14555d49be2c940 4e4d7876a66b68616e8245acc86d3a7bbd6f7a7d082faaa15d56f84f1c35efa2 Loading...

	ciimawbas.mycima.cc/templates/echo/js/jquery.readmore.js	ScriptElement	3.4 kB	2023-03-07	2025-05-22
Pretty URL ciimawbas.mycima.cc/templates/echo/js/jquery.readmore.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:21 Last Seen2025-05-22 03:32 Times Seen91 Hash 9831a2bda29ff5d836acf4aca465c0cd 44deda013554c85237ddc16793a2065f5551249b e75fb4b26aa2ded1e757268828d3d759c05a85d92db75cd6b491f3f4cb6af769 Loading...

	unknown	ScriptElement	1.4 kB	2023-03-07	2025-05-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-22 03:32 Times Seen84 Hash 48b383db8c4b689d51c7fe7520af1108 464dbc35d23e717068b6c71c46c7e267bf8bf3c4 e23346daaea4662b4e261ddc679f7ef3e914155a66fc2ded5802809568638553 Loading...

	ciimawbas.mycima.cc/templates/echo/js/jquery.cropit.js	ScriptElement	28 kB	2023-03-07	2025-05-27
Pretty URL ciimawbas.mycima.cc/templates/echo/js/jquery.cropit.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-27 09:08 Times Seen233 Hash cd82e0edbcecf087be901e8e7ed0d035 2cedce9f87501152efa36eb1949d95c0ca4ff200 b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840 Loading...

	goomaphy.com/401/6219621	ScriptElement	93 kB	2024-10-19	2024-10-19
Pretty URL goomaphy.com/401/6219621 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:36 Last Seen2024-10-19 22:59 Times Seen2 Hash 9f4d33c812f121110c29ca9346fb36db e44326ebc784ec6ac42d8566977fce0d42cf1ff9 7d51c0ed016ef453dcc1792f8c4ea5cb927718c8a66524b6f1dc89ef3a58b3f2 Loading...

	exptlgooney.com/1clkn/56262	ScriptElement	6 B	2023-03-07	2025-05-27
Pretty URL exptlgooney.com/1clkn/56262 IP 23.109.170.82 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-27 19:34 Times Seen12975 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash cb908f472e0c4eeb7deba8f6b247504e 36d9405f56146929af879ced02c55c6c8d5a1a8b 44a58c3e8db6a43595a41013d77b5c0d4db758e3861bb623e80a5f7dfeb1e713 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 3ff5d057b2cc572b3de010edd9ee218a f1dcbdc66fd823961e1b961d080314673fae6492 96245f94eebb0c7760ecc2b7cab623df29a6ffdf92fb0a1d48bdf5cfb5f446d1 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 7991af6121d0eee3dc462df4ba1e0f0a fa13e186f1e43e7b9f98796d1b56a66e7f623a2a e448a659df0ecb63f9125e34f1c4b3cdc6f4209d0bc57204dbd34b78d1dfe736 Loading...

	unknown	EventHandler	0 B	0001-01-01	2025-05-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:51 Times Seen4771626 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	216 B	2023-03-07	2025-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen177 Hash 901d05a394689754b24c53a14ff0bb94 16e6750d0db26beda439d20147af2cdf6ee85f6c c8d34bfa528cee7507080fac65baab9a6eacb046b4c097cc3201ff3bba0d09c1 Loading...

	unknown	EventHandler	67 B	2024-01-25	2025-04-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-01-25 08:09 Last Seen2025-04-11 21:47 Times Seen42 Hash a9a2c52ae730e4d05809f864f9b5672d 9d2fb321eb01693507ec78de5375ef4cc35a25d2 ee7d3219e8a338f7b08dcc0986a5288a17d4a1d7b6702c11a2cf4fa238c6bf14 Loading...

	ciimawbas.mycima.cc/templates/echo/js/melody.emoji.js	ScriptElement	175 kB	2023-10-01	2024-10-19
Pretty URL ciimawbas.mycima.cc/templates/echo/js/melody.emoji.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-01 23:23 Last Seen2024-10-19 22:59 Times Seen9 Hash 7c832bedef6cbea2ac76c4bc1fd0e941 5ee750c8530af11bc6babcdb9395edc99f04cbe6 e6148294e8c8ffd9e47ae3a6b143966cf15caf8a8133ccd3c63cdf36c881a2b7 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 75ec98f5ef6322756ebc90e6d89f36e3 7cdf1df76427fc340e4d4e1666881cff7e134366 b72112966eeb65d6f6bfa55ce0aae4a2e65f1e4b5c77b85dc60a99bc0460b94d Loading...

	unknown	EventHandler	193 B	2024-10-19	2025-03-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2025-03-05 22:46 Times Seen4 Hash 54c5665df5cba595f22a0b3bb015c58e f3c693c00f1940828000b57d4e33720a1f253d1d f5bbb1d53056d00805c82a63f66bb14ce610eb263e1c571a98b0eb320046741f Loading...

	unknown	ScriptElement	170 B	2024-10-19	2024-10-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 4c3bf3c3fee55fc58761a9f643a4e0e0 5d90bf822c9104f2773f02241c645f995bbc562d 8a2135e20bd4fe1ae0283c61ee1cd1f3ffda45dde95df4b21da17b81887f4dcc Loading...

	ciimawbas.mycima.cc/js/jquery.textcomplete.min.js	ScriptElement	17 kB	2023-03-07	2025-04-11
Pretty URL ciimawbas.mycima.cc/js/jquery.textcomplete.min.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:09 Last Seen2025-04-11 21:47 Times Seen44 Hash 871de5ca5aee55e67c1d3d8c69b49b1b ae0e75de0282c8bf70e2fcac957c8dad975cfa11 90dfc6e75b52347f19b56f0a9d8016cf3b0bb11a3e22c749bd1f1976df43033a Loading...

	unknown	EventHandler	88 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 9a2aa837213cee610c2f1abf8338ebfa a4253c5cba6ac18cd36d0048bed754cf91f3ce0b db673a351cb14ad931eeeb05befbea599d64da5ec58118710fa942026952deea Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 740cc9e28cef5512172b267eb71c6dd5 80a7602b77d7dc2354c53523eba73449137d59be 688725f02bc0f0c656978e6f3f5eb7f1fcabafd752824e30ecf0221d0ee1b7d3 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash fb49d3af5f0e988c72c24381bf905ddf 673f7dbddd81ebc69004452b973145ab1d430a9c a4d860987c65915b39665e39a9a695f146aa966e1d6357680f3ebf6446c7a47a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 14:40 Times Seen8620 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	unknown	EventHandler	79 B	2023-04-16	2025-05-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-16 10:54 Last Seen2025-05-27 09:08 Times Seen130 Hash c0cc0fb0141f52b9fc5bf5bf281531ac 29942c5675c543f8d2edc686e80cf4bf0e10bb70 74c38e29231738f71a0b9ebec39d21fcb041847dad58079457731f0481a6e7ea Loading...

	unknown	EventHandler	85 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash b681c9b8e2e535335068f362620587e9 d157b1d04950e0fe3edabff5cadbd9a6da8da4cf bef504c48bc6e23fb2398fdf1146f49604b6b99dc4061574cbb2b750d414157e Loading...

	ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.0 kB	2024-10-19	2024-10-19
Pretty URL ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 23:20 Times Seen2 Hash e6d5bdfc3b2c095fbde626a399a4ea38 f88ab6b98dc11710f6b66a2e8c2ad39d635fa4c5 3c27bc463073ac43f710c180017ee345dceb0a335e929bbb91231de93b26020b Loading...

	unknown	ScriptElement	190 B	2023-03-07	2025-05-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-22 03:32 Times Seen140 Hash 29727d13fa2a206a7cc92a101c29ab33 647b9b2f5532aaee7217e70850589ad673938fcb 42ee5f253d773ac3a83d1fc0d0f922a4c502f66dddfb591593129586c4f2725a Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash c2733daad93ae6e0bec806b2a447766a 69111375bbd91deb5ac1ed2d962723bc032baf62 b3d69c720089061927038a588534dd0be20e2cde61c75a1cc037921c0d4b8d28 Loading...

	unknown	ScriptElement	236 B	2024-10-19	2024-10-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 28c1a4052a195f330e3a2a539f0ed494 adbf51a758afc968f2bde9fed9a026d266c8da1a 58373f8862914ad5029db2ca211c58a05b0849325e5d190e0379ef76e662bb90 Loading...

	unknown	ScriptElement	366 B	2024-10-19	2024-10-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash c9e0fa07b1d16afc7c14f68904a14163 ebe4c936588e69d06d83eac5061fb8633d2f4c09 718b9adce1cbaa23df15db18a7e272363f4bfbb05a2af1242906989e33bae919 Loading...

	unknown	ScriptElement	3.5 kB	2023-03-07	2025-05-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15 Last Seen2025-05-22 03:32 Times Seen119 Hash c3d5e7ae44ebf7eec435c9325b6f676f 8b6342ac0b9b097678cb23ae693917b91090b944 6dab04cf1ed42a5675ee85fc766f21ccf9386c3e61f9081987b6de3ec7e7f23b Loading...

	unknown	ScriptElement	306 B	2023-03-10	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:32 Last Seen2025-04-11 21:47 Times Seen22 Hash 84bfb0e1fadef95eaac61b995f6715b6 7e1360c8ae6e689818535f1791a447b31ac5efc2 84b3783159200fdb4d534af8aa44155a6dd9127874539c57f5e2a92066ec5f59 Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-12-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-12-27 08:14 Times Seen3 Hash 5678dcde8d41a7aa97b9ae34626c2d6d 27ebbc496a054b26efe6291c8987b68065e773a1 ba77b247ca1c034922894c79ea757e478944e9f9725d09bcc7a34cbc7549ecbf Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-12-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-12-27 08:14 Times Seen3 Hash 9ac1352189ed9be862babafcdfc8503a bd8cada24fc362fe4e503f163f55ff59ea5444c1 6ce5e1d7f968358c2720c3253fb25203c318c8c88d8d372f4f31cc1af4fd11ea Loading...

	unknown	EventHandler	86 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 14109d7e7b0fd054f20d474c787e5ae5 d2bb2137875ecf4865a5fe7ebe02dab70c5a6809 30146e300e0e3599eb0d486e4bfc06a5ac3b15881443f5e6160308297bf64da3 Loading...

	ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.a.js	ScriptElement	9.5 kB	2023-03-07	2025-05-22
Pretty URL ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.a.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-22 03:32 Times Seen91 Hash 7edd7d96ee453442900875aa72c595c4 a09a3c791e560866562f26d8ac7f9621f369cfa2 d36a4d2e1e3ec14aa6fd41115d053a533999f0337d0f48859de361199f7359cb Loading...

	ciimawbas.mycima.cc/js/bootstrap-notify.min.js	ScriptElement	8.2 kB	2023-03-07	2025-05-27
Pretty URL ciimawbas.mycima.cc/js/bootstrap-notify.min.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen182 Hash 5ba070af9d1b1a2782851940de30879f d33390fc88bf68bd23eb182d7dbc77f5227081b2 a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450 Loading...

	ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.b.js	ScriptElement	9.1 kB	2023-03-07	2024-10-23
Pretty URL ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.b.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2024-10-23 22:55 Times Seen91 Hash 8ac43cab1939c54d6bc974726fec41ca 8c44a11ac313388d254b30c162a6f1353074296d 9ea6b351a675e3bc0e648d6d41bafd700a5944f6e54778fe6beac548210c241a Loading...

	unknown	ScriptElement	155 B	2023-03-10	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35 Last Seen2025-04-11 21:47 Times Seen29 Hash 74c535fa31120ea6432fa9cf4ef9453b 9a02c12073b86755c553773acc98363fb9d3a960 e33e7f2e98db343a395816f100286a1cf2c73d9b4d5fdbbad3602910b58822ad Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 28fd1ba55c69a4b3f0a5b7c9441908c3 eac604554dce13eb3cc1fb3e97d98bb2b62eca0a 09bc395293599924a6b0d22c2bebafbcbe09ab600578c2b2f42415897de63ed2 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 9c21c510c186558c7ea4810088f95717 8760b8f681c97b1acd47d07276827adb2afd444d fcb5a898c08f2faed91912e15cca07df1655842cd1161253087f24bb2d3c0fdc Loading...

	unknown	EventHandler	86 B	2024-10-19	2025-03-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2025-03-05 22:46 Times Seen2 Hash fdcbd0f760d9059fc6ee0b15208633d1 ff237c98afaf5780d3887ead6895917b5116ea63 1d4a8433b596bb9fb60c319f2d366e67906e71c7f23a8144fa032d500bc84392 Loading...

	unknown	ScriptElement	945 B	2024-10-19	2024-10-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash 592a8787430a6c1ec4038524cc6fab57 b9b66db0aa21cfc35ad0be49781bff6d2c202136 48f768d1ee581da08aa32419ac7d82abc8e595cc1d248737a956fdcf70e0e800 Loading...

	netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js	ScriptElement	32 kB	2023-03-07	2025-05-27
Pretty URL netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-27 15:24 Times Seen2988 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	unknown	EventHandler	56 B	2023-04-16	2025-05-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-16 10:54 Last Seen2025-05-27 09:08 Times Seen130 Hash cae6f8624c66f13833c0cb65d1a7d4f3 38913a239bfe49bb031bc0bba5130fdde4a9dddd 41557c099d9a65a2febcf471b7cc43a2fc76a213f40eb129e19d06c2f3d64ce0 Loading...

	unknown	EventHandler	89 B	2024-10-19	2024-10-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash cc7791c30151efb3d71ad2f03f7fd5d6 c9480d2be0831288cbffa3772ec3984703fcc53a 84b67d5e9f29a70d7597c96fe49e05e3877c68bf448169330460c16981439840 Loading...

	code.jquery.com/jquery-migrate-1.2.1.min.js	ScriptElement	7.2 kB	2023-03-07	2025-05-27
Pretty URL code.jquery.com/jquery-migrate-1.2.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 15:05 Times Seen5050 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	ciimawbas.mycima.cc/templates/echo/js/jasny-bootstrap.min.js	ScriptElement	20 kB	2023-03-07	2025-05-27
Pretty URL ciimawbas.mycima.cc/templates/echo/js/jasny-bootstrap.min.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen203 Hash f6b6e524d29d54ada53e4172b9d91cf7 427153c7a2d83d2ca800e397779f29b857801ad2 e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8 Loading...

	unknown	ScriptElement	439 B	2023-03-07	2025-05-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen176 Hash 86a6965e541a781a37d669b260561c55 d507b1712d0947c35ca109d78453ad0706543594 d08064727885699b455486366ac7a1b6e9e298d7cb1d94d4e491088d0bb8ab94 Loading...

	ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.2 kB	2024-10-19	2024-10-19
Pretty URL ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.0.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 23:19 Times Seen2 Hash c010eaf4b546a07806b7649cd44ba963 99ae24c6d16d86a740bb747f4b15712387ed3d6c 69a9499ec81b82be1482f31d9a03c891df0c7c37646e3c947a2f01bc3ccb8047 Loading...

	augailou.com/5/6205538	ScriptElement	76 kB	2024-10-19	2024-10-19
Pretty URL augailou.com/5/6205538 IP 139.45.197.243 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-19 22:59 Last Seen2024-10-19 22:59 Times Seen1 Hash c7e9a506a4eb6fe6c14276f0822a0637 8b9d9d11bbd45a8a6b2f995d309c069420f720b6 031ac28de70b9a99ca527103c54160d58b39344b5837c4169d5fc86666e6f0e8 Loading...

	unknown	ScriptElement	424 B	2023-03-10	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35 Last Seen2025-04-11 21:47 Times Seen29 Hash 4fdd5489c31175a09b6612230e359876 ac0383872c5a7cec11fced6e5092f2be11bbf1a8 3db1dbd74cc159c9a8a37ed066de1ba7576cd0044671c5556e5d53fb7a0159ed Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07 01:03	2025-05-27 07:27
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-27 07:27 Times Seen3220 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

HTTP Transactions (64)

URL IP Response Size

ciimawbas.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1

104.26.0.218

200 OK

42 B

URL GET HTTP/3
ciimawbas.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/gif
content-length: 42
cache-control: must-revalidate, public
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
expires: Wed, 5 Feb 1986 06:06:06 GMT
pragma: no-cache, public
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 264208867
last-modified: Sat, 19 Oct 2024 20:27:33 GMT
cf-cache-status: HIT
age: 4914
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTJKae3h4p%2BQZ86zQjkdzLxHlRxvoHf51J3rSQnZNwtf9o6ugORJCHuifk9JmkClJR9w%2FRHCIEyvddrdGt6IpFMJqDnLP3V9hzCIo%2BxPUMWfGtlwcj7Wjp%2B%2FFHMmF5zn2oIqLTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfa20b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/avatars/avatar426-1.jpg

104.26.0.218

200 OK

2.9 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/avatars/avatar426-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.9 kB (2880 bytes)
Hash
4accdcd46c2c110ca2c46e689b73807b
0ee7e484e95f773791fe59be78fd9a949eb75b79
e909babc7c667b3916a5f4858e45c39dc63bfb827d752f07ab8d4fce240dd416

HTTP Headers

GET /uploads/avatars/avatar426-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 2880
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=3440
content-disposition: inline; filename="avatar426-1.webp"
vary: Accept
etag: "633830ca-d70"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 01 Oct 2022 12:21:30 GMT
pragma: public
cf-cache-status: HIT
age: 2077802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BduqAUSBjkY%2BEbo6pcrHIMnVUkTuDbR49J%2Fa1ztuBnTXuPpQGlh4mLZ4cHRhjOUsVLyFUDXUaFUGFzYBhh%2FHITy1Gt9oYkOyVWpt00PtSsLXTgRUt87xyRvW33uPVxPxMEXkzSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfa50b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/img/pm-avatar.png

104.26.0.218

200 OK

1.9 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/pm-avatar.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1942 bytes)
Hash
7501485bad086294742426856fe8c907
1d61ac3f174fb42874f1f841ef2399fa8c246bed
4f7d17275ab713a0541bc09548f71cf6ab124d63f5750eaa890a03a27a193b99

HTTP Headers

GET /templates/echo/img/pm-avatar.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 1942
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2135
content-disposition: inline; filename="pm-avatar.webp"
vary: Accept
etag: "635d2f41-857"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
pragma: public
cf-cache-status: HIT
age: 2077802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBrKJl7Dn37SdRrPWawfKmBWo%2FyfSR%2BTck2Ce0Va4OGP9EJrrbPeafkR0OOQmv1yh3N%2F%2Bf%2FzH32m68gpzEJjYqaVomj0Dchh7kqp6Nq6DxrlCINV6stawutWRGuq5jVo3JuWIJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfa80b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/img/echo-lzld.png

104.26.0.218

200 OK

34 B

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/echo-lzld.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
34 B (34 bytes)
Hash
ec0bcc698b6bb8111ae9e02f936be518
7e97bd6fc89f1ec8614d688a1404c6c72772a1d8
35edce30b6d162be31ca89f9861f996e966e7d4fc563cd890d2f915a4a123dc3

HTTP Headers

GET /templates/echo/img/echo-lzld.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 34
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="echo-lzld.webp"
vary: Accept
expires: Thu, 17 Oct 2024 20:07:48 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
x-proxy-cache: MISS
cf-cache-status: HIT
age: 559276
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0KSRQWYN30iZntIRQAWnoDQBo0Q3GQfSguskuHcTNWS2qGe40wzHMNZwrjwjINwCfXqqMq6wsTQOYEhvjucW%2FL6SN04qbE91pE%2Br4EBaSiOtX5QXgqjxS0mumVaTXioPPOdrqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfb00b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/thumbs/e5121d0f1-1.jpg

104.26.0.218

200 OK

35 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/e5121d0f1-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x423, Scaling: [none]x[none], YUV color, decoders should clamp
Size
35 kB (35072 bytes)
Hash
60a10f1120d14d471f0e4b29d3428e22
bd502e2931db520d1277ffdf5128f54cb82f15f1
ba828c88968671dbb0b46b6115f10f658b1b05ff089275aae1d7bf6360e359be

HTTP Headers

GET /uploads/thumbs/e5121d0f1-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 35072
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=38753
content-disposition: inline; filename="e5121d0f1-1.webp"
vary: Accept
etag: "64538e60-9761"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Thu, 04 May 2023 10:52:16 GMT
pragma: public
cf-cache-status: HIT
age: 2077802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdVeMnxc7OWiNyor2%2FHdetNyrX11vIUTQV5CWlbI%2FBVOLN%2FdTtpiNUyxbmKwmPV62XJFMitJkA6Zb3iW3KOf%2BzV8RrOijoBcOhSZndOhVEFL%2FqJ5H31caCRV9skPqxgoY%2Ff1aJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfb40b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/thumbs/8414305dd-1.jpg

104.26.0.218

200 OK

39 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/8414305dd-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
39 kB (39206 bytes)
Hash
23ea06630e0c7cbfb1504efe8b79c488
245c4a85e11eebfcdea176ea349ad920c55587bc
9f345da385818436b43830e53b967d6e253b364b7ae9f1ff5f53f165c440f975

HTTP Headers

GET /uploads/thumbs/8414305dd-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 39206
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=42003
content-disposition: inline; filename="8414305dd-1.webp"
vary: Accept
etag: "66e6f0df-a413"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sun, 15 Sep 2024 14:36:15 GMT
pragma: public
cf-cache-status: HIT
age: 2077802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfRS3URYuo6dCBc77UFaudYwQ8KyVW1zk4B1h8Ct1hn6vXCKPEq%2FrGQyMyMtSX0iNsJTaiHEXtFUUwHQN96U5j5o5%2BVgbfDrmj0U3aP1wNG8gONsHJghae4FrS5XWJNkurMtfxw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfb10b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1

104.26.0.218

200 OK

42 B

URL GET HTTP/3
ciimawbas.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/gif
content-length: 42
cache-control: must-revalidate, public
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
expires: Wed, 5 Feb 1986 06:06:06 GMT
pragma: no-cache, public
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 266569748
last-modified: Sat, 19 Oct 2024 20:45:26 GMT
cf-cache-status: HIT
age: 4914
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bj8kCColTS3ep6Iyu%2BMW1yIylmJarqBLBOssJ5ZwBMmrN8Sfjyi8PHgV%2FyLTLQh8FRF0q7jN%2F6kP%2BwpFgV87K5JWD23Qpj4SQiZ3qUABcaut7TbQzhX%2B%2BWTwl0fu8WEeU8DPIgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032dfcd0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/lang/flags/sa.png

104.26.0.218

200 OK

422 B

URL GET HTTP/3
ciimawbas.mycima.cc/lang/flags/sa.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
422 B (422 bytes)
Hash
572e168117c0b76ec6368cdfe79d0dd1
ea8545f0795106095f42abf68972346ea886f03d
064946003d2c6a8e3a9ec06c8cc140d2238f7e389e884905e818e2f455ceaeb3

HTTP Headers

GET /lang/flags/sa.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
content-length: 422
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=551
content-disposition: inline; filename="sa.webp"
vary: Accept
expires: Tue, 15 Oct 2024 17:42:15 GMT
last-modified: Sat, 29 Oct 2022 13:48:45 GMT
x-proxy-cache: MISS
cf-cache-status: HIT
age: 559276
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJ9H7w1reBvaPpkZDdc2DleOGCUWdgT876mWDj5dLRUk1g0eXSM178EL9ZGIzwb2rxIgIbOyHXyZ3dXR7EvawHGnVTlc4C8MAveiVehhPsazRsknisLhCv0eTxRKGx1cgsVTby4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032efe50b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/img/ajax-loading.gif

104.26.0.218

200 OK

771 B

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/ajax-loading.gif
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
GIF image data, version 89a, 16 x 16
Size
771 B (771 bytes)
Hash
00ef871b291bc03a497d608a5bd8ec99
942d8fe092c1c473af19906751c2bee5322a9b55
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

HTTP Headers

GET /templates/echo/img/ajax-loading.gif HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/gif
content-length: 771
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "635d2f40-303"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
cf-cache-status: HIT
age: 2077747
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqbSUBAuXriYOCbZ59XbL4ZRXqvyq9XVE6jJClHsaJfUi2%2FYJcTsJq0JCDUTOSuz21mxtPct%2Bw7LrjPJPotSgl8Rz%2Fo8uS%2Fviv7WTVp4vnEm22%2FDWd5oXJSJTV%2B%2FOXTqP1J1J5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032efea0b59-OSL
alt-svc: h3=":443"; ma=86400

i.ibb.co/QHn7LZh/images.png

162.19.58.158

200 OK

5.2 kB

URL GET HTTP/2
i.ibb.co/QHn7LZh/images.png
IP
162.19.58.158:443
ASN
#16276 OVH SAS

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint26:FE:71:E0:50:E8:60:94:E3:4F:62:05:27:41:82:DD:84:EE:89:AC
ValidityThu, 22 Aug 2024 08:17:43 GMT - Wed, 20 Nov 2024 08:17:42 GMT

File type
PNG image data, 348 x 145, 8-bit colormap, non-interlaced
Size
5.2 kB (5175 bytes)
Hash
a766d8c1a622eaf6f8c61923eb7b2ffa
0451f3b28a9d3ba5e86db5bf84647b2695d281df
c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea

HTTP Headers

GET /QHn7LZh/images.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/png
content-length: 5175
last-modified: Mon, 16 Oct 2023 14:16:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

exptlgooney.com/1clkn/56262

23.109.170.82

200 OK

26 B

URL GET HTTP/1.1
exptlgooney.com/1clkn/56262
IP
23.109.170.82:443
ASN
#7979 SERVERS-COM

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectexptlgooney.com
FingerprintC4:A4:17:3E:69:C9:E0:02:E1:55:D3:C2:1F:C1:6B:17:8E:15:15:D2
ValidityThu, 10 Oct 2024 16:07:29 GMT - Wed, 08 Jan 2025 16:07:28 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/56262 HTTP/1.1
Host: exptlgooney.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Oct 2024 22:58:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 20-Oct-2024 22:58:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 20-Oct-2024 22:58:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ciimawbas.mycima.cc/uploads/thumbs/34051d987-1.jpg

104.26.0.218

200 OK

56 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/34051d987-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 683x480, components 3
Size
56 kB (55752 bytes)
Hash
00d617dc0c583bfdfc5a4a1681a18f80
2f896ca9be3f1f9d8143237cb585457cc9ced940
bc94d0b95f963ea527bead7bb337bdd461787b146cef9e6f58e8b2a1a62f4f57

HTTP Headers

GET /uploads/thumbs/34051d987-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/jpeg
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: origSize=57687, status=webp_bigger
etag: W/"670dafdf-e157"
expires: Mon, 21 Oct 2024 23:57:50 GMT
last-modified: Mon, 14 Oct 2024 23:57:19 GMT
pragma: public
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yxNtZI%2BojbtdUaHQDxKfyn0oxVw1xgtiULDprMnxCVYqMf1omAfr3qRT4thOkcowAnxrDyfGvAgQtinj6oI4gDbmtMdFC84V7xDhcl%2FnlCnrkGkDnXHxRQGv5nhGOZGDO6JFAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546034f9d30b59-OSL
alt-svc: h3=":443"; ma=86400

netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.11.207

200 OK

64 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint95:66:C2:43:CE:55:3C:D7:76:0E:9C:5F:28:8C:E9:AA:DC:AC:A2:59
ValidityFri, 20 Sep 2024 01:25:04 GMT - Thu, 19 Dec 2024 01:25:03 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 02/19/2024 11:12:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 35997476645f45703144ed0e72df79f5
cdn-cache: HIT
cf-cache-status: HIT
age: 3164329
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8d546036083b56c4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA7:6D:44:6D:0D:8C:29:A8:CF:9A:12:0B:7C:B9:A0:F9:B0:72:5E:E9
ValidityMon, 30 Sep 2024 15:09:59 GMT - Mon, 23 Dec 2024 15:09:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31248, version 1.0
Size
31 kB (31248 bytes)
Hash
436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

HTTP Headers

GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Oct 2024 12:42:47 GMT
expires: Wed, 15 Oct 2025 12:42:47 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
age: 382570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/css/echo.rtl.css

104.26.0.218

200 OK

6.4 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/echo.rtl.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (17280), with no line terminators
Size
6.4 kB (6359 bytes)
Hash
705451a4e7b20a5ce1a857e4c966066a
d13416cd58f896ce1cf8ddae81693fdb03e499e4
ce28ab1f5bb0970aad3173b27526bd8dfa2f4ca8e36582dcef551f74186a8d45

HTTP Headers

GET /templates/echo/css/echo.rtl.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=22198
expires: Sat, 27 Sep 2025 22:46:43 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZZuak0gqvKI37jbl%2F9%2Fi9oYh2qSaq6EdoBoj0PfcLoCpwyENNgQdiwBQVeyx79GJWX9O755e%2FbcEPyaa%2FJucLgGobOHJ%2FuYt%2FpNYtKrmFUbh8QPpTUWYe%2B%2BUZJTDvvm4G1yGAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032af970b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.0.218

302 Found

0 B

URL GET HTTP/3
ciimawbas.mycima.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 19 Oct 2024 22:58:57 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WFtjVhCEPzQZcHGWrrVCcAVvXvo4v%2F5z%2BUcv%2BWesTsbxuzC4E2GDkLlrvWY9261uwemzhbFfDF5yfdYiD%2FK2SOyTLL4VL1XcQAyengVMwAe1hmtqJVpQIzwQ138RgnQkA5QVQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460379c730b59-OSL
alt-svc: h3=":443"; ma=86400

netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

40 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint95:66:C2:43:CE:55:3C:D7:76:0E:9C:5F:28:8C:E9:AA:DC:AC:A2:59
ValidityFri, 20 Sep 2024 01:25:04 GMT - Thu, 19 Dec 2024 01:25:03 GMT

File type
ASCII text, with very long lines (32038)
Size
40 kB (40208 bytes)
Hash
164b85acc55b9d779b72c272ea7be228
6daabcbec2514c315ff1f9d443ccb0f9018b2a48
4f9902d1e5c79cb7ae3ad7c16e6a75df7f5c9c8fd42bdabe44b81043b197bd93

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"0831cba6a670e405168b84aa20798347"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 11/18/2022 06:19:10
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 617cddf282529eb1891a1067ee3c7115
cdn-cache: HIT
cf-cache-status: HIT
age: 11108592
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8d5460337d27b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

87 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintFB:0A:B6:18:33:15:47:A9:D8:B5:ED:D3:1B:EE:13:FF:3F:80:C4:E6
ValidityTue, 03 Sep 2024 08:38:23 GMT - Mon, 02 Dec 2024 08:38:22 GMT

File type
gzip compressed data, from Unix
Size
87 kB (87185 bytes)
Hash
5606235b486b0113464fbc552cfa9465
4dbd0ae3be151cfa64b5fb4b283e387f68c2c9c3
6f729f7154ca3ced8803a8e099bccece7f2c773f00af77735ee1d688d43e670b

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d5460337a66b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/css/fonts/Material-Icon-PHP-Melody.ttf?206bv4

104.26.0.218

200 OK

53 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/fonts/Material-Icon-PHP-Melody.ttf?206bv4
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Material-Icon-PHP-Melody
Size
53 kB (53268 bytes)
Hash
c66525c487d980ccda56d4668eccd47b
e9b984773ce1a225a851ac1769875b57e2e4a3f9
48ab864568194da965b383bf041943f4fbd6d13e5e7f60da9556c4667eb052f6

HTTP Headers

GET /templates/echo/css/fonts/Material-Icon-PHP-Melody.ttf?206bv4 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/templates/echo/css/echo.css
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: font/ttf
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 372332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BGBx9lp%2BBRQWAavgi4C9UK2AdhCUOjT9H0nyzbef7REvM%2BlM6U%2BuSERNb4W4vl0uCjx6s29p967sBe1abVzEMavRs5SV0iIGYz%2FS%2FqpuhwmJWDa70CaiuycaGyHZsExZ7DVmlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546035dab90b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=0080fadeef2a4664e068efcf82de11e1

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080fadeef2a4664e068efcf82de11e1
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint59:49:A1:C9:C3:99:98:FC:2D:E7:4A:9E:86:83:A6:DE:2E:C3:8A:B6
ValidityFri, 30 Aug 2024 01:00:45 GMT - Thu, 28 Nov 2024 01:00:44 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
cd29aea5834693e7e21e034df7c126bc
b44b8c597140d2214dbbedddd808966ca179ca1c
936a3727399532b28d5760fe20e9bceced84fdc261a1178068ed304e3d52e967

HTTP Headers

GET /gid.js?userId=0080fadeef2a4664e068efcf82de11e1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ciimawbas.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080fadeef2a4664e068efcf82de11e1; expires=Sun, 19 Oct 2025 22:58:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/img/apple-touch-icon.png

104.26.0.218

200 OK

3.3 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/apple-touch-icon.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.3 kB (3326 bytes)
Hash
7be16ed6debb74128279e037b19b21b4
3edf99982b487ce58dc015fe3407a996378a1c2c
4caba4c77912521625093d24b8009082f8fea05e0fa556e528ec8ddc701900aa

HTTP Headers

GET /templates/echo/img/apple-touch-icon.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/webp
content-length: 3326
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6105
content-disposition: inline; filename="apple-touch-icon.webp"
vary: Accept
expires: Tue, 15 Oct 2024 15:58:19 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
x-proxy-cache: MISS
cf-cache-status: HIT
age: 559220
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZK%2BphH1cKz4VpR8UZ3%2F4pITymn3TCV3cTZj1%2Bzpau1%2FvwgRcjWz9vGoch1d8iWEuPApjHL6WONMpVwoge7aUaKxWLHrZbvkXEotrydQ6LhKclzw1dxRu%2FZ4xrJt9pB299Aq%2BpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546038fd960b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/img/favicon-16x16.png

104.26.0.218

200 OK

320 B

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/favicon-16x16.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
320 B (320 bytes)
Hash
d4a6bd5e7ac0bb72b4f6a2babd54dd8c
ac09947abb3b48b64cc53035564e127dee468559
0e3beedc59d2d875fd4ce5f0e9b1663acd269648b27665f6afd0e7e975b167be

HTTP Headers

GET /templates/echo/img/favicon-16x16.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/webp
content-length: 320
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=948
content-disposition: inline; filename="favicon-16x16.webp"
etag: "635d2f40-3b4"
expires: Tue, 15 Oct 2024 19:24:51 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 362189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEMkn2g2l6g5Bkh55ITARtPjQLRJJlxRJRDWxyT5g4Ohkywh%2F4dRMCFnf6y1ULAYwP5It60bYuiFl0n0P%2FoDqSel4ifPvTJ9ijGNoJVY%2FGa02cBlrmEPKzFzZKyPbZDZIRGcy6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546038fd9c0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/cdn-cgi/challenge-platform/h/b/jsd/r/8d54602fbede56cb

104.26.0.218

200 OK

0 B

URL POST HTTP/3
ciimawbas.mycima.cc/cdn-cgi/challenge-platform/h/b/jsd/r/8d54602fbede56cb
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8d54602fbede56cb HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12202
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.mycima.cc; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; Path=/; Expires=Sun, 19-Oct-25 22:58:58 GMT; Domain=.mycima.cc; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUxCLxJnmWTD5BKIEO%2Fs0qLh0UNNooRx6ppBQ0yZksMHgkrpmRwdhrtwdjEDFmiuBsrvrJmjYYOjFpO8TpLoLkDNFAx%2BCjwQnrYZRUcvsvuL%2Bt8D656fyi80%2B7s%2Bo3Gp45%2FiNrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603a0e6d0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/js/jasny-bootstrap.min.js

104.26.0.218

200 OK

6.7 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/jasny-bootstrap.min.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.7 kB (6708 bytes)
Hash
673a9545eda9e291dcea28190054581e
b941561eeeddc2bbcde053b808013092937d7955
a69e86128421f76228650fa6ac433ed564478a70eb75bd7cbe558bbf443cb4c3

HTTP Headers

GET /templates/echo/js/jasny-bootstrap.min.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
etag: W/"635d2f41-4e4a"
expires: Fri, 25 Oct 2024 21:40:16 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 2077800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6fA3XCiu2Zs33CB%2B%2FXLUhoF4N5qAODNgdTD%2Bf7TLWcC4%2F0cMRp7rxLpNrozOGkH8BfWrOlgxMaa1HYkq43aPl9qpjBF1Fkg9trRh0LE4maTjPuiL1F5%2Fm7Jw%2FcVOwPAi7WqhLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460367b6a0b59-OSL
alt-svc: h3=":443"; ma=86400

augailou.com/5/6205538

139.45.197.243

200 OK

36 kB

URL GET HTTP/2
augailou.com/5/6205538
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintE8:70:78:D2:68:99:5B:4E:0C:17:D3:DD:16:E8:31:58:5E:CE:E6:1D
ValidityThu, 12 Sep 2024 05:33:29 GMT - Wed, 11 Dec 2024 05:33:28 GMT

File type
gzip compressed data, max speed, from Unix
Size
36 kB (36391 bytes)
Hash
059cb8c1b48a0ed0bb476398440d052e
cbe8781e3899bb621276a2d6da570112158b714a
7321c543f7fb0f02678f2646717f493bbc60088ffbcf1b925cdaae56961a2d25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6205538 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
x-trace-id: ee6065c0a84ac07667bcaa736ca6f82b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080fadeef2a4664e068efcf82de11e1; expires=Sun, 19 Oct 2025 22:58:57 GMT; path=/; secure; SameSite=None
oaidts=1729378737; expires=Sun, 19 Oct 2025 22:58:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/js/jquery.readmore.js

104.26.0.218

200 OK

1.2 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/jquery.readmore.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (3399), with no line terminators
Size
1.2 kB (1218 bytes)
Hash
9831a2bda29ff5d836acf4aca465c0cd
44deda013554c85237ddc16793a2065f5551249b
e75fb4b26aa2ded1e757268828d3d759c05a85d92db75cd6b491f3f4cb6af769

HTTP Headers

GET /templates/echo/js/jquery.readmore.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=3422
expires: Sat, 27 Sep 2025 22:46:44 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxF2B9hePYLdN2hOFpIju2ok2JH1%2BfrxWjY5KQWehBeCv7f10PcdIL00e7tg4A8knoAB3nojeQFpSuC%2F2aMOhFX4yMvavf2XM8X8mJpHNBgyUpGraGt5gyMdpzANLhf0Vonp0Dw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460366b640b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/js/jquery.textcomplete.min.js

104.26.0.218

200 OK

8.6 kB

URL GET HTTP/3
ciimawbas.mycima.cc/js/jquery.textcomplete.min.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (16839)
Size
8.6 kB (8568 bytes)
Hash
871de5ca5aee55e67c1d3d8c69b49b1b
ae0e75de0282c8bf70e2fcac957c8dad975cfa11
90dfc6e75b52347f19b56f0a9d8016cf3b0bb11a3e22c749bd1f1976df43033a

HTTP Headers

GET /js/jquery.textcomplete.min.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
last-modified: Sat, 29 Oct 2022 13:48:43 GMT
cache-control: max-age=31536000
expires: Sat, 27 Sep 2025 22:46:43 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aP846GSV2mGwHPIR2P7KUS1ZNoSgM3%2FMKqT25MUIaJeCAggqwS6kOiqQOVw8gjjZCPtTndJ816XwZvkz%2FISsEAE1h0DOlwz25WOfihrAzM5JCna4fplT%2BzmKcy5Odeeb7rIvf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460366b5b0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

104.26.0.218

200 OK

85 kB

URL GET HTTP/3
ciimawbas.mycima.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (8046), with no line terminators
Size
85 kB (84700 bytes)
Hash
e6d5bdfc3b2c095fbde626a399a4ea38
f88ab6b98dc11710f6b66a2e8c2ad39d635fa4c5
3c27bc463073ac43f710c180017ee345dceb0a335e929bbb91231de93b26020b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYTrWb1bJlduvQ5pF65oPPbp0RWvPNoH6LwiKZdJw0d0dC0qbntFbjni7vjPDpVnC3PTtkXuzqEcU3gAMdS8pDoBisks0FLKI6Ub1TVA%2F13vLDF49pGMarwrRNnokHXWxTdkqg0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460386d1c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

goomaphy.com/401/6219621?oo=1&oaid=0080fadeef2a4664e068efcf82de11e1&sw_version=v1.418.0

139.45.197.239

200 OK

886 B

URL GET HTTP/2
goomaphy.com/401/6219621?oo=1&oaid=0080fadeef2a4664e068efcf82de11e1&sw_version=v1.418.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintF4:DA:36:58:26:EA:98:10:CC:D0:21:3E:07:69:BE:EB:86:E3:CA:09
ValiditySat, 28 Sep 2024 05:16:56 GMT - Fri, 27 Dec 2024 05:16:55 GMT

File type
JSON text data
Size
886 B (886 bytes)
Hash
03f9af6f88e28974496afaf1fc18a74f
c4d227741b15adc187e9eac0236fff5b17d12a35
60be60a7c7362eeb1ec95340deb56fcfd5aafc280108d42cc31be634f1bfaf0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6219621?oo=1&oaid=0080fadeef2a4664e068efcf82de11e1&sw_version=v1.418.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=0300fae4e9b34a2aef7d2ee5fb0c3515
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: application/json
x-trace-id: 0f0f2fe45aa4f436eea3ff84db5ea61f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ciimawbas.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0080fadeef2a4664e068efcf82de11e1; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/css/bootstrap.min.rtl.css

104.26.0.218

200 OK

4.6 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/bootstrap.min.rtl.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (26153), with no line terminators
Size
4.6 kB (4553 bytes)
Hash
5c3488d9489fc4d2b0b2be5b79f64b25
038e38e21f485a2ce83c28df73e3c2d25f863028
2cd2ad752ad401367bdefc9379a5ae10d7d5b61241e60bda02bdcd25813577b9

HTTP Headers

GET /templates/echo/css/bootstrap.min.rtl.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=33283
etag: W/"635d2f40-8203"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL0IWykFk3veJphK6sbmM6za30JqxU8pOZ4FtWqNOG2WNs%2F7Y8ajLBKjBD0T%2FF%2FcsZ3H6Hy3ocuVGazmbBJqq86yspptwXG2B61e7DWAToBp41GSPelhSTy2cLWc8epoiq4ZWhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032af940b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/thumbs/14e8f5031-1.jpg

104.26.0.218

200 OK

61 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/14e8f5031-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 720x378, components 3
Size
61 kB (61043 bytes)
Hash
b12aa97ddbbf4d6f03560ea40bc513c5
a926f083ca54f245a2baef1965448c357e54f1e2
87466b832527717bc13de7443b085311bf56115084ed61132c663938f380f466

HTTP Headers

GET /uploads/thumbs/14e8f5031-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/jpeg
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: origSize=55761, status=webp_bigger
etag: W/"6338313b-d9d1"
expires: Fri, 25 Oct 2024 10:40:02 GMT
last-modified: Sat, 01 Oct 2022 12:23:23 GMT
pragma: public
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVvHK%2FirDGGlB69R55ChEt5v9LuqCCMysccrNdSRo%2BOdHY3ysBIjZLpvMr6NLwUllrbLdy6eqoc%2BuZxKoOjp5SJmhW8fgcGrfVUyCp0e%2FaTLy%2BYc6xzfWkpXrZg77jH9FyQGvQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603bbfb80b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/css/echo.css

104.26.0.218

200 OK

64 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/echo.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
64 kB (63705 bytes)
Hash
42b344585b5ce36e5a044922f79cb141
3fe38b51df6698352e4594539944c66188190698
7076616883934077607aba70229f63b9d7bb76be532c38ed727cf07ff857c269

HTTP Headers

GET /templates/echo/css/echo.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=316916
etag: W/"635d2f40-4d5f4"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqXnwOIr6IJ2KLbNjo95EiFeDev42kkIyQ1yJyb5hBj3j3cykELNEPN8T6BykXZa2zvJ%2B3J3qY%2B2LWYWrO%2FVlfvV4j0GNyj18GIpWdCasn39lzIQhFpRRbfD6t0kpgVS4aff0AU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460329f8f0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/css/jasny-bootstrap.min.css

104.26.0.218

200 OK

14 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/jasny-bootstrap.min.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (13803)
Size
14 kB (13997 bytes)
Hash
35a0dfa4efebb6b615c601d89ca323b6
122f43fb614d52d280cf8748af2ff47bd1f21fa3
fe508673736191cbc01662c1392d0ee591106b93577f43f4cea0ca1731b06cb1

HTTP Headers

GET /templates/echo/css/jasny-bootstrap.min.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
etag: W/"635d2f40-36ad"
expires: Fri, 25 Oct 2024 21:39:58 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGg1n2hQz%2FhwkaXAIjJehuomSEegeq%2BV73ajLBsbHXvH65ubZRh0sVZSxy2u1SFOYGsFDIza4un%2F3duLXMZFpwkeQB9hvBMka9rQA740uOT1lZtYqOWXso10VB%2FQua5VpbbyReU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460329f8d0b59-OSL
alt-svc: h3=":443"; ma=86400

netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

104.18.11.207

200 OK

32 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint95:66:C2:43:CE:55:3C:D7:76:0E:9C:5F:28:8C:E9:AA:DC:AC:A2:59
ValidityFri, 20 Sep 2024 01:25:04 GMT - Thu, 19 Dec 2024 01:25:03 GMT

File type
JavaScript source, ASCII text, with very long lines (31650)
Size
32 kB (31819 bytes)
Hash
abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

HTTP Headers

GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"abda843684d022f3bc22bc83927fe05f"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 05/01/2023 21:10:53
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c24a1953c54449ff63e28ca06877aa18
cdn-cache: HIT
cf-cache-status: HIT
age: 11108289
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8d546036aa785696-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/watch.php?vid=34051d987

104.26.0.218

200 OK

148 kB

URL User Request GET HTTP/2
ciimawbas.mycima.cc/watch.php?vid=34051d987
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
148 kB (147588 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.php?vid=34051d987 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Oct 2024 22:58:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache, public
set-cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; path=/
watched_video_list=OTQ2MA%3D%3D; expires=Sun, 20-Oct-2024 22:58:56 GMT; Max-Age=86400; path=/
x-varnish: 283775875
via: 1.1 varnish-v4
x-cache: MISS
cf-cache-status: BYPASS
server-timing: cfCacheStatus;desc="BYPASS"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6o9IBKOlpm2evlCUvcR2RAc91%2Bx3i2Twa0hWRWz%2BBhh4FzbxSKQSDO6sozED8Q4T9pBBdKuzZJ5u9CnqXGmtuuFg0v2pvBG7zgei2ZhzmbAHYFRtKrWZFnJDrtFty8SQXgvdhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54602fbede56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/img/bg-desc-shadow.png

104.26.0.218

200 OK

1.4 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/img/bg-desc-shadow.png
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
PNG image data, 620 x 102, 8-bit colormap, non-interlaced
Size
1.4 kB (1380 bytes)
Hash
5da3a73ec1d9d8ebfe23c853890f47fa
ca9bc44a2786e422c23dcde1d9f7fc3bd1bee45f
497dc6def9a3c515769a105a4ba7a520bf482d4ee943045e98712631078df3aa

HTTP Headers

GET /templates/echo/img/bg-desc-shadow.png HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/templates/echo/css/echo.css
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true; pm_elastic_player=normal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/png
content-length: 1380
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1675, status=webp_bigger
etag: "635d2f40-68b"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
cf-cache-status: HIT
age: 2077562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUo0HqNXI38QmLKOCZ3nlJLIp61Xyo8Oi0qVmjNLmurplJWAUDgqX8sFJPhtL4fMTKiPKgqEcVjVGsoV6jDXHAj%2F2LNKBr27vsk5wUhdTBAbBLYyVRRqn0fs9Dy4APJQ2Q5oWfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603cb88f0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/include/securimage_show.php?sid=be6d330d0dd83bb26ef76d1ee36b7a56

104.26.0.218

200 OK

3.0 kB

URL GET HTTP/3
ciimawbas.mycima.cc/include/securimage_show.php?sid=be6d330d0dd83bb26ef76d1ee36b7a56
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced
Size
3.0 kB (2988 bytes)
Hash
ed11453970cff262b6a5b6e225494370
7865bbdb217825044a7783f94a4efe004b65fc94
c14440588a0ee339b7ac7e031ca1f807d24280a281d8cd0dabfb37170a33287e

HTTP Headers

GET /include/securimage_show.php?sid=be6d330d0dd83bb26ef76d1ee36b7a56 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/png
vary: Accept-Encoding, Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache, public
x-varnish: 268814821
via: 1.1 varnish-v4
x-cache: MISS
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aN9Ljs%2By6ldza3MaTdch2HB0snRXKQstDOq3X4AdhG0GX7hVuwPcGnWw7NxjMZ0gcG4D010C5qDcS8V1pVX8wytdgk5KzJ3Kp28rWpVAqcFc15dSjRjeUBCurz%2By6zJBoied%2Byc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032cfc20b59-OSL
alt-svc: h3=":443"; ma=86400

goomaphy.com/401/6219621

139.45.197.239

200 OK

93 kB

URL GET HTTP/2
goomaphy.com/401/6219621
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintF4:DA:36:58:26:EA:98:10:CC:D0:21:3E:07:69:BE:EB:86:E3:CA:09
ValiditySat, 28 Sep 2024 05:16:56 GMT - Fri, 27 Dec 2024 05:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93074 bytes)
Hash
9f4d33c812f121110c29ca9346fb36db
e44326ebc784ec6ac42d8566977fce0d42cf1ff9
7d51c0ed016ef453dcc1792f8c4ea5cb927718c8a66524b6f1dc89ef3a58b3f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: application/javascript
x-trace-id: 6d7f739a5a7231eeab17cbb0049e599c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0300fae4e9b34a2aef7d2ee5fb0c3515; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/cdn-cgi/rum?

104.26.0.218

204 No Content

0 B

URL POST HTTP/3
ciimawbas.mycima.cc/cdn-cgi/rum?
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
content-type: application/json
Content-Length: 1129
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true; pm_elastic_player=normal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 19 Oct 2024 22:58:58 GMT
access-control-allow-origin: https://ciimawbas.mycima.cc
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8d54603cd8ba0b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff

ciimawbas.mycima.cc/uploads/thumbs/0576431ff-1.jpg

104.26.0.218

200 OK

55 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/0576431ff-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 683x480, components 3
Size
55 kB (55281 bytes)
Hash
14a12b0a6d89b043f4828ec411a3170a
db7e8bf2b2aa8ddae376dbdb2ffae56d8ac4bb49
b497086501e45afe8afd7c625a151c53e9463f6f0f9c168915663a7b164358e0

HTTP Headers

GET /uploads/thumbs/0576431ff-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/jpeg
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: origSize=57687, status=webp_bigger
etag: W/"670dafc6-e157"
expires: Thu, 24 Oct 2024 09:49:19 GMT
last-modified: Mon, 14 Oct 2024 23:56:54 GMT
pragma: public
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYw1FMoCnd8LmZmFUuXvoHfQB7E3846o3X8U%2B6dMtfSUnN58o%2BF4sUVD22Mz7zLkfCG%2Fmv%2FW13fwYWHSVbzht3AqT2BUSU0UP6QL3YBykTyms1G3ay4EBbH2Aq6FzIen2HFZoFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603bcfc20b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/thumbs/c923c6063-1.jpg

104.26.0.218

200 OK

45 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/c923c6063-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 720x404, components 3
Size
45 kB (45104 bytes)
Hash
4d6ae50bb4eb9f94f362732e709650c1
ea2a0a4fa19e82a89442c58f2884d4dea8d14a10
473278a63fc8adca1380e9eed79e270afa83fec1b93f8c721e06e75222ec80f9

HTTP Headers

GET /uploads/thumbs/c923c6063-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/jpeg
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: origSize=46799, status=webp_bigger
etag: W/"633830ce-b6cf"
expires: Thu, 24 Oct 2024 00:08:56 GMT
last-modified: Sat, 01 Oct 2022 12:21:34 GMT
pragma: public
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7rndfO42GPm9UPKvDEVgBU3FvosUotpYmdi0DkYHhWLbUUzUkir5%2FFAIoTQILUm4ikl%2FwQE7T80HFudttA1F9fa%2B6RFunBX1bcYuRsdVzKrhqBCiYcn2eDWxlz2uEIBxo1ZR2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603bcfc00b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/include/securimage_show.php?sid=9cc1cc67b45b7275fd756a96ed8fc5f4

104.26.0.218

200 OK

3.2 kB

URL GET HTTP/3
ciimawbas.mycima.cc/include/securimage_show.php?sid=9cc1cc67b45b7275fd756a96ed8fc5f4
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced
Size
3.2 kB (3186 bytes)
Hash
2f0d3660331186fd3555bbca8b81fb61
86680c6b34b41f3575ccb42a80c07a22562bc470
0429ebcadd411cd1226362ed6dd2a67efb4e3eb1331b5695e8a92020d723ef63

HTTP Headers

GET /include/securimage_show.php?sid=9cc1cc67b45b7275fd756a96ed8fc5f4 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/png
vary: Accept-Encoding, Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache, public
x-varnish: 280038582
via: 1.1 varnish-v4
x-cache: MISS
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N1TL1QMEtO6ECKR4vP7RI4AykezJTAkFjbS7nwm4Fl4QZVAe7bJVXnxDYkfNFqsqX63wNnL6NyNhipqfS59goiYq0baZOyosxeNlQ01bZ2Oht8%2BDeTQObdnb21mUXmXg5ednjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfad0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/js/bootstrap-notify.min.js

104.26.0.218

200 OK

8.2 kB

URL GET HTTP/3
ciimawbas.mycima.cc/js/bootstrap-notify.min.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (8540), with no line terminators
Size
8.2 kB (8216 bytes)
Hash
d0084824fa4041e8ec98bf9d11d6d9e6
511e08759bed4b71d75fc3d6929918e7ab1dc6eb
06365f15c222c6cd5751f5b1c027be557898324121b4708bec2a51c03a77ed2c

HTTP Headers

GET /js/bootstrap-notify.min.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
last-modified: Sat, 29 Oct 2022 13:48:43 GMT
cache-control: max-age=31536000
expires: Sat, 27 Sep 2025 22:46:44 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpTDEbtKyUlqHQ22DfYXSfbCAxMmzCoqWvVn39xs2UALhKEVItgayPVOjQRBn0GuzN7BJugh9q5aKLUjMWdQNebHDxt8W4JRDqb%2BbSwPvwSjDWzFjEusqmzvoqu86BkybyWPWYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460368b810b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-150387825-1

142.250.74.168

200 OK

225 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-150387825-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintEB:22:46:D1:43:9D:F7:91:08:A8:54:A8:A2:62:80:CF:6F:ED:A4:62
ValidityMon, 30 Sep 2024 14:36:15 GMT - Mon, 23 Dec 2024 14:36:14 GMT

File type
JavaScript source, ASCII text, with very long lines (3835)
Size
225 kB (224586 bytes)
Hash
09a3458d76191706d7212c4e93f3a6a8
1d9c1b53c39f9f11c965103796e7a76dcea1fe03
3b0abbcd9ecd57c7cb48459d00187ca38c12528c7abde3840ac1da813b60237e

HTTP Headers

GET /gtag/js?id=UA-150387825-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Oct 2024 22:58:57 GMT
expires: Sat, 19 Oct 2024 22:58:57 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Oct 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 80307
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/js/jquery.cropit.js

104.26.0.218

200 OK

28 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/jquery.cropit.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (27266)
Size
28 kB (27578 bytes)
Hash
cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

HTTP Headers

GET /templates/echo/js/jquery.cropit.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
etag: W/"635d2f41-6bba"
expires: Fri, 25 Oct 2024 21:40:02 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
pragma: public
cf-cache-status: HIT
age: 2077800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmh8IJNTX%2BKcs1UiZIl8uGPcq3AsC0jSLzpJNyoA088wslE80yjxckmyxXI6GHNbi%2F6ZpKwJSrvjr68551ER3O57Dunh4aLhnuV06TUh0qMQCKPOzsjEJlOlF3soYy2URV9J9cM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460365b560b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.b.js

104.26.0.218

200 OK

9.1 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.b.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9411), with no line terminators
Size
9.1 kB (9131 bytes)
Hash
1b02a70cc7878be5b5b5452897fc60dc
21fab17c4e5f1732e9346c0a9bd9011fd1d75807
2db3190c81c530ff9b389c56d9d2f8038781b324d63e9ffaf08000872ae6446d

HTTP Headers

GET /templates/echo/js/jquery.plugins.b.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=9509
expires: Sat, 27 Sep 2025 22:46:43 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GESZfnl9BZHcSY05o9X7FYuPrinWppFrlEpLcTP7P%2BqCbGzRQeHt%2FkZG5FqW%2Fk7C9v%2BeLfSCdd6Pg%2FBSAXmZMG85eeNZLSJQCKPv3mb%2Fs5U3G46F8cEgtXe33Oqe3TG5uEJAk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460366b670b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/social-thumb.php?vid=34051d987

104.26.0.218

200 OK

56 kB

URL GET HTTP/3
ciimawbas.mycima.cc/social-thumb.php?vid=34051d987
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 683x480, components 3
Size
56 kB (55742 bytes)
Hash
56612e359c529e25ed68d95c6e82efa9
a682124a24bd17fad3e2b4b41603cdc056c21283
c52c7e286747edef2dc617ac556f82f1466b7124de8ca88fcb7614961b5e5260

HTTP Headers

GET /social-thumb.php?vid=34051d987 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/jpeg
cache-control: max-age=2592000, public
cf-bgj: imgq:85,h2pri
cf-polished: origSize=58192, status=webp_bigger
expires: Sat, 16 Nov 2024 11:33:43 GMT
pragma: public
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 171874163
last-modified: Thu, 17 Oct 2024 11:33:43 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=faZBXdBrSjeZz5RvKy763%2Fo1Cw3etvjDCo%2BqvD8CQ6mk%2Bp11TsBGDLG5hcp6TKp8RLf%2F0rTLIg4qa0FjS4GTzZTPf4U8Ym1yu2QwZvAuovj4FDp6Ut5TZamOsJ6oVYZZiNYEOKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032cfbc0b59-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

216.58.207.202

200 OK

96 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint04:E9:E7:03:97:99:66:D7:5B:E7:AE:2C:40:95:6F:E2:07:A3:7D:6C
ValidityMon, 30 Sep 2024 15:09:59 GMT - Mon, 23 Dec 2024 15:09:58 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
96 kB (95992 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Oct 2024 22:52:15 GMT
expires: Sat, 18 Oct 2025 22:52:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 86802
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/css/animate.min.css

104.26.0.218

200 OK

58 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/animate.min.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (319)
Size
58 kB (57990 bytes)
Hash
3d0a26b7c254da8c0d297e753ff23f65
877d0bcad6716a05066d9b6dab07e264f631a5f0
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb

HTTP Headers

GET /templates/echo/css/animate.min.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
etag: W/"635d2f40-e286"
expires: Fri, 25 Oct 2024 21:39:58 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIdubesa6zaVRMI1Koh0PmJ1rIp2l0VlqRqk044wJMSSkMZnC086tzsn05pTXJcN8Lk%2FTO5t5IMULoF2QoqMwsogWdDFsHXZB9ao7AsVg18lIvvqn5K5piDlDvKGgDvHBLCExuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460329f910b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/uploads/articles/92afe142.jpg

104.26.0.218

200 OK

36 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/articles/92afe142.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 396x570, Scaling: [none]x[none], YUV color, decoders should clamp
Size
36 kB (35654 bytes)
Hash
91717912f1d792b4188719ee9fedb960
225c7ffc05c16de99a8da04182a3f93560a3355b
8b98fb700651996b1a451824341b605878385b6908e4daef28c782004cea90a6

HTTP Headers

GET /uploads/articles/92afe142.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/webp
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=56135
content-disposition: inline; filename="92afe142.webp"
etag: W/"63383099-db47"
expires: Mon, 21 Oct 2024 22:55:25 GMT
last-modified: Sat, 01 Oct 2022 12:20:41 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxnN78yLM23bsweWR7fMaf9DhrpU8oFHVe5d6OyehGfXXJOor9UAYUi9LX5bWinfAOcCeAcwtsDzT5KOqkJA0XplBlvrBCkuh7c5DZj8xV2uQ6rm8WNVvLq5dWllF4aKt8aonuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfa70b59-OSL
alt-svc: h3=":443"; ma=86400

augailou.com/wrr?z=6205538&p_rid=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=augailou.com&userId=0080fadeef2a4664e068efcf82de11e1

139.45.197.243

200 OK

2 B

URL GET HTTP/2
augailou.com/wrr?z=6205538&p_rid=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=augailou.com&userId=0080fadeef2a4664e068efcf82de11e1
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintE8:70:78:D2:68:99:5B:4E:0C:17:D3:DD:16:E8:31:58:5E:CE:E6:1D
ValidityThu, 12 Sep 2024 05:33:29 GMT - Wed, 11 Dec 2024 05:33:28 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wrr?z=6205538&p_rid=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=1&dmn=augailou.com&userId=0080fadeef2a4664e068efcf82de11e1 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: text/plain
content-length: 2
x-trace-id: ec182bf3eace7714de38a35fc3c9c406
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://ciimawbas.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080fadeef2a4664e068efcf82de11e1; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
oaidts=1729378738; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 26 Oct 2024 22:58:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/js/melody.dev.js

104.26.0.218

200 OK

5.5 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/melody.dev.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (5563), with no line terminators
Size
5.5 kB (5480 bytes)
Hash
b9e7f1086ce052fb015b62ba9b802cc8
028189983cce5f22f346b9f9a944ee97eb19e9bd
b437704f63a38076015a3c20504d59e6fd292e14e7267eec35715621c05c36a9

HTTP Headers

GET /templates/echo/js/melody.dev.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=7677
expires: Sat, 27 Sep 2025 22:46:44 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FS8ryStJH4x%2FCWe9tDmk5uL3bKQPTIKniEadAxLlIq0%2BL4uYerA1uyrm0OyOupMczX3z63hOHFEsEYVx8YyycduaX6kWpXJheq%2BCZEKPI4JfgtzBeVtq8jPYY25pAHG2%2F59bUvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460367b6c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/js/theme.js

104.26.0.218

200 OK

44 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/theme.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
44 kB (43639 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /templates/echo/js/theme.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=44717
expires: Sat, 27 Sep 2025 22:46:44 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjxYtjYoMm8rsSuvvCStMImw1dl4jvALlSeuDFTvuVlJe7%2FeIItjIvf4xkQvaDmRNDVD%2BQT0H2qne5bpb0pNpliWRgpwAIk4w9G5Du%2Fc914CCuLQVRwddnZgyYq1AFjWd%2FcUJ0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546036ab910b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/css/custom.css?v=1.4

104.26.0.218

200 OK

6.1 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/custom.css?v=1.4
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (6124), with no line terminators
Size
6.1 kB (6118 bytes)
Hash
c3a3b4c99cafdebd43b4e42b53ca0b97
f5a9d09b44425717a644365313fd9981ff3d1644
7af4e2625563fcb20c9cc599367762e60e52c4f732f72034d7054130e6caf197

HTTP Headers

GET /templates/echo/css/custom.css?v=1.4 HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=7936
etag: W/"635d2f40-1f00"
expires: Fri, 25 Oct 2024 21:39:58 GMT
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
pragma: public
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YrFAHBYBtJh%2FPkd7eJG5LDN4uZdAzx8h3v9aM6SLArE7MnnIybrk7%2FmIQeDbfWjOBvVfp7DbYSjOSo8rUgUetJ8BA2HDlCu%2BWXgPY3%2F4Yl6UXzpZMWRzhE1Gb8B4l1mN9u9u7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032af9e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/js/melody.dev.js

104.26.0.218

200 OK

16 kB

URL GET HTTP/3
ciimawbas.mycima.cc/js/melody.dev.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (2302)
Size
16 kB (15865 bytes)
Hash
f2bf056198be59f92547935fd4c968f0
cba85174a3d6d68fcff3a2e6238f1d6150b58fce
244926b75ad193faf7a694c602d5819576e2d953dc43849395dedfa841f5ea53

HTTP Headers

GET /js/melody.dev.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=23108
etag: W/"635d2f3b-5a44"
expires: Fri, 25 Oct 2024 21:40:15 GMT
last-modified: Sat, 29 Oct 2022 13:48:43 GMT
pragma: public
cf-cache-status: HIT
age: 2077800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vllmbcIOLivKmVg6T13ZxQ%2FALkorJATYNPj8Igvi4pwcWSnnezDYou9EVNdhRIAg5vDSTcPFFw9o0s6SzdBvA15zdCggimcVMHO3uU4zde0qkd%2FI7vJNpEJl6MPf5AUCDtfwoKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460367b720b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/js/jquery.typewatch.js

104.26.0.218

200 OK

1.4 kB

URL GET HTTP/3
ciimawbas.mycima.cc/js/jquery.typewatch.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (1476), with no line terminators
Size
1.4 kB (1440 bytes)
Hash
f3989a1b6fad291e198cac5399cb0bd7
4e98f0e4f6c96bef7e8d95be4af3b772895ca1ff
d9ee03f77286531633c2ea6bc7dcc3141322ecb2967e57990a280ad719c2d5c8

HTTP Headers

GET /js/jquery.typewatch.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=1745
expires: Sat, 27 Sep 2025 22:46:44 GMT
last-modified: Sat, 29 Oct 2022 13:48:43 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1900083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpHAyY68JVVbQu9qK6CTc4k5MWAYDY4frWVOS85nhkptaIKwi7vnUyg3DQbJ%2BH3rJQ6GGEu6rPXOOrZmTTJ639Iflc%2FNN1%2BxgnQV3EORPeot8R3e0OYOd0IVI07%2FVu2hYiHztgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460368b820b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.a.js

104.26.0.218

200 OK

9.5 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/jquery.plugins.a.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (9736), with no line terminators
Size
9.5 kB (9490 bytes)
Hash
4983c6c466a34742eab06d54aa11c249
4f14efc4cbf9f23228dea8e955bd14247111d5df
6f05eefe0dec7b5f620b6af01a87efeb1d59dd64f912abb4bbd7468b314d0a26

HTTP Headers

GET /templates/echo/js/jquery.plugins.a.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=9792
etag: W/"635d2f41-2640"
expires: Fri, 25 Oct 2024 21:40:11 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
pragma: public
cf-cache-status: HIT
age: 2077800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qra6MlSwx1JiJbOQ04M6umkeJ29qvPnYVwHSRf3UslanZXgUyDNJyoN8bT5MDJecSqwMsLoA2IgVDzaVKL23e5c7b4cI5HS2fxTnKx0cNx8Rmxb5D1O%2BlyK9thuv0GqzSBf%2BTwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460368b830b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-migrate-1.2.1.min.js

151.101.2.137

200 OK

7.2 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7365), with no line terminators
Size
7.2 kB (7199 bytes)
Hash
8abfbb763c7dbf15734b2220329fe792
ebc567208826867a1063c5a8687950faafc98f5b
780e00a63a09d8b2da515868f4fa76af83f28bd9b6b430b851631cc8cd1cf658

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Oct 2024 22:58:57 GMT
age: 3330114
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 209085
x-timer: S1729378738.800444,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/templates/echo/css/bootstrap.min.css

104.26.0.218

200 OK

121 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/css/bootstrap.min.css
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
ASCII text, with very long lines (65366)
Size
121 kB (121247 bytes)
Hash
c9d317002dc0bde5bd228cc2eda74972
2524e48df454d491928e9e19b88292d87eddcf79
a4864a1dc26c66b5c9c0091afd5d9c5b52709bc023b66b5a3c6fe9e38af6e506

HTTP Headers

GET /templates/echo/css/bootstrap.min.css HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: text/css
last-modified: Sat, 29 Oct 2022 13:48:48 GMT
etag: W/"635d2f40-1d99f"
expires: Fri, 25 Oct 2024 21:39:58 GMT
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 2077803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgSW9YMKR1oFxJjSgKXdgr0jh95pvFgB4ZrRymMP2KTEYmSfcRgj519vwVPfD9CkRhvaiyY5pbuSxYHj0vRdyRplBfbHE4TUC6dUhr14XucQvfJYTlVcwU4%2FUQNUva9mCq6Snic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460329f8a0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.0.218

200 OK

12 kB

URL GET HTTP/3
ciimawbas.mycima.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 12:41:59 GMT
etag: W/"670fb497-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9E%2BMKAuPh4sGMf5ItrXSYT%2BAf0reNxmOsR%2F4xbsgd7yDWaG%2FfsQcAmNxA584NwthLzjVTxPxG3TcF1%2Bpa88oi3mER5NWAtVgITtciargXirEYG95ZZjQiKXYPnm9wrfxv61hVB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d546032efeb0b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 22:58:57 GMT
cache-control: max-age=172800, public
content-encoding: gzip

augailou.com/?rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&request_ab2=0&zoneid=6205538&js_build=iclick-v1.978.12-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&wasm=1&userId=0080fadeef2a4664e068efcf82de11e1&m=link

139.45.197.243

200 OK

2.3 kB

URL GET HTTP/2
augailou.com/?rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&request_ab2=0&zoneid=6205538&js_build=iclick-v1.978.12-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&wasm=1&userId=0080fadeef2a4664e068efcf82de11e1&m=link
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintE8:70:78:D2:68:99:5B:4E:0C:17:D3:DD:16:E8:31:58:5E:CE:E6:1D
ValidityThu, 12 Sep 2024 05:33:29 GMT - Wed, 11 Dec 2024 05:33:28 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2296), with no line terminators
Size
2.3 kB (2276 bytes)
Hash
f6cbfe9417915f5eb9e219dda8682d0a
c9754983d98d8cc7df2e8a1b24211707a4820125
90d946235641ac91c3d4fcf6801f9744e0264ad60df68a6fd3b87d2a1f163ecc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=RCuc-eh6k2nlV07ZRmy63P-CCDwUehEuy3MHT4C-buJ2VkyxJzq2wwvps_k8H8_WaGcx7Zzt0ORgyzwAn7hTcs93mbd1H3mjYjIbf_Cv9wWiJSAycqk2kfNzwS0jMloN_9EIIyBy9K3Kid56GdSArqZMnYHP475ky9DFZzpKIGz29-gJtIySYwsYmYtA3OzxlgAGB-oYbLouXXZvEcxRSOXZ3ZcxMS72ST0wRD8d5TCm-0Xi&request_ab2=0&zoneid=6205538&js_build=iclick-v1.978.12-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fciimawbas.mycima.cc%2Fwatch.php%3Fvid%3D34051d987&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=1&wgl=&js_build=iclick-v1.978.12-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=3ebeaab9-00ac-4ab9-b04e-0184e5f83bb6&wasm=1&userId=0080fadeef2a4664e068efcf82de11e1&m=link HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ciimawbas.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=0080fadeef2a4664e068efcf82de11e1; oaidts=1729378737
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: application/json
x-trace-id: db916aed2bdb053e134274a2fe907f85
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://ciimawbas.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080fadeef2a4664e068efcf82de11e1; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
oaidts=1729378738; expires=Sun, 19 Oct 2025 22:58:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 26 Oct 2024 22:58:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ciimawbas.mycima.cc/uploads/thumbs/bc9875b92-1.jpg

104.26.0.218

200 OK

38 kB

URL GET HTTP/3
ciimawbas.mycima.cc/uploads/thumbs/bc9875b92-1.jpg
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp
Size
38 kB (37504 bytes)
Hash
e21340029ff50d649da4211570582f2b
c3af55e2e1e0a5f2172744cd6c36dcf90b3db63c
ec17b1c8448a49730f6b41fed64862b84bbc4b3cd5fd22052d36f02336ab78d8

HTTP Headers

GET /uploads/thumbs/bc9875b92-1.jpg HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D; cf_clearance=mblIJaz_7.UR9ryu4b.US_chZUuxAnhC_U92Iy.kPJE-1729378738-1.2.1.1-Ii4gDYsjIzJ3CchMr84AQO4XyXVjDMBgedArCB0bPmvTBq9PXfQjrr5JToHN4nlszFakSTN_Y5VK9p6CO9xabTupLcYeIx_xTYcwhAOnDzosd8iEXMwn.SeTx9vkrrbDYpwdWzU.nvjmRvLTvzPAjT34GTemB7_jmy.sX7n4rsyTBSYtOVwNNORwWV06kFwXthiqTWgsqUOS26IG._xM16TReLk2mtfgBersjiNb1id3WeT_rW.RU6QiE8ZbRlI6I_L_mQOkUqb1OHUD1f38MI2QLuStvA1OhJjdrkrooOxK752ipKcHtdI1o6rShsMzLH5HgU5OzBT5q9qBpk82mg; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:58 GMT
content-type: image/webp
cache-control: max-age=604800, public
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=40949
content-disposition: inline; filename="bc9875b92-1.webp"
etag: W/"633830e5-9ff5"
expires: Sun, 20 Oct 2024 19:08:37 GMT
last-modified: Sat, 01 Oct 2022 12:21:57 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgzfcOIOrDKRRT2Up%2Bwzjm9i1fv9kb753ngaDaZN%2FwkwWhnfVxV6fAVSzAhRAWlKNZ6DP2B7fEDIuCBlSkf1m3%2BzpAZ2HeX0AL6xwFWjkz16F%2BJ%2FXOdVDFsNLlm2gcIkSuj%2B9ro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d54603bbfbc0b59-OSL
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/templates/echo/js/melody.emoji.js

104.26.0.218

200 OK

175 kB

URL GET HTTP/3
ciimawbas.mycima.cc/templates/echo/js/melody.emoji.js
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type

Size
175 kB (175223 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /templates/echo/js/melody.emoji.js HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: application/javascript
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=175872
etag: W/"635d2f41-2af00"
expires: Fri, 25 Oct 2024 21:40:06 GMT
last-modified: Sat, 29 Oct 2022 13:48:49 GMT
pragma: public
cf-cache-status: HIT
age: 2077746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jgq%2FG%2BWwvWvNKTaGAbwF40ExusQC%2BmXuWVbNUNy%2BDN%2B32yFiRxotWFTk1jP%2FR6WRLlSM4MdLCYFTcGjM0SM5SXggurj8NfAYe1gufIMm0f8K1ZdaDTcBjb7Mf69TScCvkeOTIWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d5460366b590b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ciimawbas.mycima.cc/include/securimage_show.php?sid=fcab519e0659c396d13d8a52ed49580e

104.26.0.218

200 OK

2.8 kB

URL GET HTTP/3
ciimawbas.mycima.cc/include/securimage_show.php?sid=fcab519e0659c396d13d8a52ed49580e
IP
104.26.0.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ciimawbas.mycima.cc/watch.php?vid=34051d987
Certificate
IssuerGoogle Trust Services
Subjectmycima.cc
Fingerprint0D:2D:A4:9C:B4:64:17:36:7E:EA:F3:FE:23:DF:D8:34:49:82:08:7B
ValidityTue, 17 Sep 2024 06:32:11 GMT - Mon, 16 Dec 2024 06:32:10 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced
Size
2.8 kB (2819 bytes)
Hash
98aa0711f1800a44f231d6f4e6623932
63573c98f3028890ac46651b016e13f06cb5dfed
16d989679863ec87b937baf9f5b670252e26b7b3d050ad368e2c7cdfa724641f

HTTP Headers

GET /include/securimage_show.php?sid=fcab519e0659c396d13d8a52ed49580e HTTP/1.1
Host: ciimawbas.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ciimawbas.mycima.cc/watch.php?vid=34051d987
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1aa993a3d9013e8ef90d444fae5f0f26; watched_video_list=OTQ2MA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Oct 2024 22:58:57 GMT
content-type: image/png
vary: Accept-Encoding, Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache, public
x-varnish: 287083930
via: 1.1 varnish-v4
x-cache: MISS
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlTfxM6GDsYlaoSz%2BW6egEPEFqn2jNAbE4CSkhWGGdbcPWB7PB8jN7i4OTdKBM3QfojqEIk5DqetmPmE7eEZIGcfQUmgNeUZwCqSwDDDJzMcTT8ybyLxlMmMGgh95mniOpzj%2Bzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 8d546032bfb90b59-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (78)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by