Report - mail.mycima.cc/play.php?vid=9ccd11855

Report Overview

Visited public
2023-12-06 22:00:51
Tags
URL
mail.mycima.cc/play.php?vid=9ccd11855
Finishing URL
mail.mycima.cc/play.php?vid=9ccd11855
IP / ASN
195.3.220.45
#201814 Meverywhere sp. z o.o.
Title
مسلسل The Vampire Diaries الموسم الخامس الحلقة 11 الحادية عشر مترجم

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2023-12-06 17:22:25	433 B	5.5 kB	162.19.58.161
arglingpistole.com	unknown	2023-08-16	2023-08-29 18:12:39	2023-11-05 19:19:38	415 B	1.1 kB	23.109.248.169
cimastream.xyz	unknown	unknown	No data	No data	4.2 kB	2.8 MB	172.67.159.19
goomaphy.com	unknown	2022-07-21	2022-07-22 21:39:03	2023-12-03 15:39:40	3.4 kB	94 kB	139.45.197.239
augailou.com	unknown	2022-12-12	2022-12-12 14:30:37	2023-11-26 18:05:47	1.5 kB	76 kB	139.45.197.243
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-12-06 18:04:12	409 B	20 kB	172.67.193.52
mail.mycima.cc	unknown	unknown	No data	No data	27 kB	1.4 MB	195.3.220.45
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-06 06:43:40	428 B	3.6 kB	151.101.66.137
w26.my-cima.net	unknown	2021-11-09	2023-09-30 01:48:31	2023-11-26 08:35:26	896 B	34 kB	195.3.220.45
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-12-06 16:02:14	916 B	27 kB	104.22.33.172
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-06 07:08:39	917 B	24 kB	142.250.74.106
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-06 08:09:09	442 B	34 kB	142.250.74.74
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-06 13:13:13	473 B	743 B	139.45.195.8
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-06 07:40:41	902 B	132 kB	142.250.74.168
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07 17:11:00	2023-12-05 20:13:28	1.5 kB	126 kB	104.18.11.207
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-06 07:50:48	1.6 kB	65 kB	216.58.207.227
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com	unknown	unknown	No data	No data	3.0 kB	4.4 MB	46.4.244.54
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-12-06 21:08:54	537 B	482 B	139.45.195.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-06 22:00:35	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:35	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:35	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:39	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:39	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:40	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-06 22:00:40	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	goomaphy.com	Sinkholed
2023-12-06	medium	fleraprt.com	Sinkholed
2023-12-06	medium	goomaphy.com	Sinkholed
2023-12-06	medium	goomaphy.com	Sinkholed
2023-12-06	medium	augailou.com	Sinkholed
2023-12-06	medium	augailou.com	Sinkholed
2023-12-06	medium	goomaphy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (47)

	URL	From	Size	First Seen	Last Seen
	mail.mycima.cc/js/bootstrap-notify.min.js	ScriptElement	8.2 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/js/bootstrap-notify.min.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen179 Hash 5ba070af9d1b1a2782851940de30879f d33390fc88bf68bd23eb182d7dbc77f5227081b2 a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450 Loading...

	mail.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js	ScriptElement	9.5 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash 443045e7fcb603ba92e473b0ec11d2b2 8d9dd41c01b0f2738d6bd1a3984095570bbeb0df 8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702 Loading...

	cimastream.xyz/embed-n2b52dw3uezr.html	ScriptElement	0 B	0001-01-01	2025-05-08
Pretty URL cimastream.xyz/embed-n2b52dw3uezr.html IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-08 05:15 Times Seen4629453 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash ab8b768bf423c984d8b77c42fc387b9f b3f95c75ed4d4bff8a429565be473a3412a5b843 b7d16d8365836ed655105a29b1bcc6ccc24faa5368f1c74d8309231ba154a50f Loading...

	mail.mycima.cc/templates/3arbserv/js/theme.js	ScriptElement	45 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/templates/3arbserv/js/theme.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen51 Hash d8176b4cb2798d51558fe707c55d7fbb 2d49a0b8afb91121d20469c210566fb8d21e82d6 497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9 Loading...

	mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js	ScriptElement	3.4 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen61 Hash 081fe3d90aad9b9f11e4b1c0569530df ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed 98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	1.8 kB	2023-04-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 18:47 Last Seen2025-04-11 21:47 Times Seen69 Hash f48799c490867e10bf3fff06b38a3657 06d3e0bf82b5259b96e54c501ca2fb9b1f503ebf 5936461d2e0d0feabaae55dda4e14f6e68fe759a2a8ef4350b5de96be8a111ac Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	426 B	2024-08-20	2024-08-20
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 58b9443ca33863ca77a15520026825b8 b6e19f5baf9968e75480b0fbc88e9e7b16caad3b 765fc09d9b824891af872bdb26dd91d40dde756d69394e8194f204898be96858 Loading...

	mail.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js	ScriptElement	9.8 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash d30d39ea7362e56afcdb14c1919e36b6 3d8ad768ea89003210bea45e8aacd038bae1ecf1 a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5 Loading...

	unknown	EventHandler	0 B	0001-01-01	2025-05-08
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-08 05:15 Times Seen4629453 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	424 B	2023-03-14	2024-08-21
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 09:22 Last Seen2024-08-21 08:04 Times Seen26 Hash 46b256492e5a9113be7522341c978ed3 31fe4598ef6ff326b0a3ad2c24e9e1aa0f952f16 3a523495841a30353a9e39aadae46c8e687b1e82e7380b1c2259fc76ba8439fd Loading...

	cimastream.xyz/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-08
Pretty URL cimastream.xyz/js/jquery.min.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 05:10 Times Seen205360 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cimastream.xyz/js/localstorage-slim.js	ScriptElement	2.1 kB	2023-03-07	2025-04-26
Pretty URL cimastream.xyz/js/localstorage-slim.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42 Last Seen2025-04-26 08:58 Times Seen582 Hash f6784d7271569579cbc7e508fddb3fbb 61be0722316952e865893972791486e26961cdda 96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01 Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	176 B	2023-08-25	2024-10-23
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 21:17 Last Seen2024-10-23 22:55 Times Seen79 Hash a604d1494e55df24ad7c62a30cc0f058 baec845d909270888dbcde8945d9ed24c8b53fba 5ed57bccec3ae6d6233648e109470a51ab1afb262a3daf1d177aaf86b8a86b19 Loading...

	mail.mycima.cc/js/jquery.typewatch.js	ScriptElement	1.7 kB	2023-03-07	2025-04-28
Pretty URL mail.mycima.cc/js/jquery.typewatch.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-04-28 03:03 Times Seen102 Hash 6915a93382a7b35f40987fd648b43f9d b78c77cc774594df414a7b1fb99c28083d85bb80 1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	3.5 kB	2023-03-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:15 Last Seen2025-04-11 21:47 Times Seen118 Hash c3d5e7ae44ebf7eec435c9325b6f676f 8b6342ac0b9b097678cb23ae693917b91090b944 6dab04cf1ed42a5675ee85fc766f21ccf9386c3e61f9081987b6de3ec7e7f23b Loading...

	augailou.com/5/6205538	ScriptElement	72 kB	2023-12-06	2023-12-06
Pretty URL augailou.com/5/6205538 IP 139.45.197.243 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:00 Last Seen2023-12-06 23:01 Times Seen1 Hash 98139d7a111219afb620cecf18a28daa a8cee4afaa316cfed4453d634275920004f30ffd 293eb896e4a48cf41e17ea03c966c9c49379354a6eaed36fa4ff5dba27f6a0a3 Loading...

	mail.mycima.cc/templates/3arbserv/js/melody.dev.js	ScriptElement	8.0 kB	2023-03-07	2025-04-25
Pretty URL mail.mycima.cc/templates/3arbserv/js/melody.dev.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash c3bde81760af5b3df4d0c56ba06a0fca ecf2f46def386ad8f62fad28edc36c8440f339cc c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	190 B	2023-03-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-04-11 21:47 Times Seen139 Hash 29727d13fa2a206a7cc92a101c29ab33 647b9b2f5532aaee7217e70850589ad673938fcb 42ee5f253d773ac3a83d1fc0d0f922a4c502f66dddfb591593129586c4f2725a Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	1.8 kB	2023-03-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-04-11 21:47 Times Seen133 Hash 7bc2250f798e8dd30269772ee8cf4599 3fb3ed5ea1a5c052fa3c26e45d4abd3e722b9700 cda4eff9500a8b16f33a54c6cd1ce7d2ec3bf66cecddb63d9c736078916c5035 Loading...

	cimastream.xyz/embed-n2b52dw3uezr.html	ScriptElement	0 B	0001-01-01	2025-05-08
Pretty URL cimastream.xyz/embed-n2b52dw3uezr.html IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-08 05:15 Times Seen4629453 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mail.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js	ScriptElement	20 kB	2023-03-07	2025-05-03
Pretty URL mail.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-03 14:30 Times Seen200 Hash f6b6e524d29d54ada53e4172b9d91cf7 427153c7a2d83d2ca800e397779f29b857801ad2 e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8 Loading...

	goomaphy.com/401/6219621	ScriptElement	89 kB	2023-12-06	2023-12-06
Pretty URL goomaphy.com/401/6219621 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:00 Last Seen2023-12-06 23:01 Times Seen1 Hash f416916d1ce7341bbcf905314afcfb94 7e269df003845d3e677d11df647ab42e49943e15 5265ff43e45796f202fb6b3cb6aa73668734bab4f9d3a8fa67b9f6eb33d5293d Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	1.4 kB	2023-03-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-04-11 21:47 Times Seen83 Hash 48b383db8c4b689d51c7fe7520af1108 464dbc35d23e717068b6c71c46c7e267bf8bf3c4 e23346daaea4662b4e261ddc679f7ef3e914155a66fc2ded5802809568638553 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 00:06 Times Seen8442 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	291 B	2023-03-07	2025-04-15
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-04-15 09:26 Times Seen155 Hash 0b5c6ecfd31b214438c017f7840cab7d 5b0d464bbab33735e654f6d0b47dd2bcd47f8e5c e0d679f66eea8fae589016f89ff238618cabb4b802add68fcbf4d70498356ea1 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	216 B	2023-03-07	2025-04-15
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-04-15 09:26 Times Seen174 Hash 901d05a394689754b24c53a14ff0bb94 16e6750d0db26beda439d20147af2cdf6ee85f6c c8d34bfa528cee7507080fac65baab9a6eacb046b4c097cc3201ff3bba0d09c1 Loading...

	www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID	ScriptElement	114 kB	2023-12-06	2023-12-06
Pretty URL www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:00 Last Seen2023-12-06 23:01 Times Seen1 Hash b2879a403e63dcfc26005653e866c8a9 7429fefed8a19ee6b7fd20a3607d6a08de14e22a 7228e6858bf9e791955d0a6095ba03abe211acffbb1e3f5b4adc86821d23eb0d Loading...

	cimastream.xyz/player/jw8/jwplayer.core.controls.js	ScriptElement	333 kB	2024-08-20	2024-08-20
Pretty URL cimastream.xyz/player/jw8/jwplayer.core.controls.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash 9e245d5e3c67df5975038dd9ae3237f5 48702927e5ff72e231fde9f64d14a7a76c655299 c3b7aefeecfb026d1435a87aaa059ab1683eda28b4d60796abc2a2c7f2d1f9ac Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	439 B	2023-03-07	2025-04-15
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-04-15 09:26 Times Seen173 Hash 86a6965e541a781a37d669b260561c55 d507b1712d0947c35ca109d78453ad0706543594 d08064727885699b455486366ac7a1b6e9e298d7cb1d94d4e491088d0bb8ab94 Loading...

	cimastream.xyz/js/xupload.js	ScriptElement	8.1 kB	2023-12-06	2024-12-21
Pretty URL cimastream.xyz/js/xupload.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 18:00 Last Seen2024-12-21 14:29 Times Seen12 Hash f85a6777bbb74bb5b72ccfea285f9005 ad87151d620b7b7cfafe4407eebcebf4905ee7c3 1437381d99e32df5894eeda46ebf09c4bdbb5088f8fe37b28a21de6fe2efa9bc Loading...

	arglingpistole.com/1clkn/55455	ScriptElement	6 B	2023-03-07	2025-05-08
Pretty URL arglingpistole.com/1clkn/55455 IP 23.109.248.169 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 04:25 Times Seen12471 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js	ScriptElement	32 kB	2023-03-07	2025-05-06
Pretty URL netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-06 22:33 Times Seen2943 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	5.3 kB	2023-03-07	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-04-11 21:47 Times Seen158 Hash 5d0f0b5b79e9f10c796e8a416e57dd2d acca3a159098bbc8a6313d6f496cfeef362c3171 452c276bbd878d6970a8f3a2b5ebea89fcc866c5aa58e5e56afcdc9c53c2b78f Loading...

	cimastream.xyz/js/jquery.cookie.js	ScriptElement	990 B	2023-03-07	2024-10-23
Pretty URL cimastream.xyz/js/jquery.cookie.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2024-10-23 20:31 Times Seen169 Hash 532e8df5fdcf8bb2ac1a2cf408a9599d 0b8de3b1b4e1167693c51f461c8dc3c733602d52 39c8dcfca47db5df9169e58c7411bc8ffcc668d19686824c378a9b14351f04c8 Loading...

	cimastream.xyz/player/jw8/jwplayer.js?v=3	ScriptElement	121 kB	2023-12-06	2023-12-06
Pretty URL cimastream.xyz/player/jw8/jwplayer.js?v=3 IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:00 Last Seen2023-12-06 23:01 Times Seen1 Hash 767ac1457163550aa23b4fdf78c1c8a4 cc6770ef0988a4aa03a1d3996ac3aaabe3019f17 9b727eef94489ae13ea6f53a25e26e866f24ccc4f989ef3f33569554b59d1378 Loading...

	cimastream.xyz/embed-n2b52dw3uezr.html	ScriptElement	0 B	0001-01-01	2025-05-08
Pretty URL cimastream.xyz/embed-n2b52dw3uezr.html IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-08 05:15 Times Seen4629453 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	850 B	2023-03-13	2025-04-11
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 17:01 Last Seen2025-04-11 17:45 Times Seen46 Hash c070828794e3692be0a52440af066ad7 a22ab13f7ad1693710e700a1e4af7b0b9a5d13c0 ef97c53f57f9b726c0bdc02f4fb9bb0e6e8d0e9f37f3c24d3f913abcc06ae14b Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	686 B	2023-03-12	2025-04-10
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:33 Last Seen2025-04-10 19:20 Times Seen10 Hash 8e3e44506796956c9a0a36c1e016e595 77bdf0003f80f77027b61e073c892fa7430a1ae1 46042706d6bf00c6739c4f2627626abeafb83cf634611f70ab422716e4d06344 Loading...

	code.jquery.com/jquery-migrate-1.2.1.min.js	ScriptElement	7.2 kB	2023-03-07	2025-05-07
Pretty URL code.jquery.com/jquery-migrate-1.2.1.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 22:53 Times Seen4910 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	mail.mycima.cc/js/melody.dev.js	ScriptElement	23 kB	2023-03-07	2025-05-03
Pretty URL mail.mycima.cc/js/melody.dev.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-03 14:30 Times Seen126 Hash e238acf58475d3cdb95d614582134b24 b13c1da1f5254cb14f4f187bd5174ed0feb08a23 f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab Loading...

	cimastream.xyz/player/jw8/provider.hlsjs.js	ScriptElement	386 kB	2023-04-20	2024-08-21
Pretty URL cimastream.xyz/player/jw8/provider.hlsjs.js IP 172.67.159.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 03:08 Last Seen2024-08-21 07:08 Times Seen16 Hash 19342ddc90d56def012d0dc8cdf237b5 c63641167d8a3a9ec0e7c71503dc6c532087bf7f 2bba97f1106355e6a26d675c92203b8224198ae00116cd46021a71785e5234a5 Loading...

	mail.mycima.cc/play.php?vid=9ccd11855	ScriptElement	160 B	2023-03-07	2025-03-22
Pretty URL mail.mycima.cc/play.php?vid=9ccd11855 IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-03-22 06:46 Times Seen57 Hash a33472397f886fcb3563c05e3d3b2a3e 69a1391e6eb1b5a70ebf9cd6cb75140f7d52b31f 2e05173f926dcf805c7ad1a037cd22d1c0151fe1b06d766dced7c7b0466148f8 Loading...

	mail.mycima.cc/templates/3arbserv/js/jquery.cropit.js	ScriptElement	28 kB	2023-03-07	2025-05-03
Pretty URL mail.mycima.cc/templates/3arbserv/js/jquery.cropit.js IP 195.3.220.45 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-03 14:30 Times Seen230 Hash cd82e0edbcecf087be901e8e7ed0d035 2cedce9f87501152efa36eb1949d95c0ca4ff200 b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840 Loading...

	www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c	ScriptElement	250 kB	2023-12-06	2023-12-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 23:00 Last Seen2023-12-06 23:01 Times Seen1 Hash 70e1d17c523cf435351f65e6b7912ed3 574d591ed6194de6a12d570c1a0a67ea23fb2f96 f5470a6bd0eb5370dee6843cebc245eb62003d66a111e554986b2c34aa8461b3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - aa16303022c3610d3362e80dc412706d	5.5 kB	2024-08-20 16:32	2024-08-20 16:32
Pretty Observations First Seen2024-08-20 16:32 Last Seen2024-08-20 16:32 Times Seen1 Hash aa16303022c3610d3362e80dc412706d ff330567d23fe1c0a895f6d4fc2c83e1091fac87 ece0804fcc712ff9274a70c17625fb48905f0256c30a113f3f9f7612d2c4fd2e Loading...

HTTP Transactions (90)

URL IP Response Size

mail.mycima.cc/play.php?vid=9ccd11855

195.3.220.45

200 OK

126 kB

URL User Request GET HTTP/1.1
mail.mycima.cc/play.php?vid=9ccd11855
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1430), with CRLF, LF line terminators
Size
126 kB (126516 bytes)
Hash
79c0a5b86ab36529d33e603b73a18cc3
1e5a530d7718eb4c5238665fb1116bd3b1a2ebfd
bf82ee2d3b753205d9991bc2527c0d9bcb3809d6f297f2eff0d56b6be161f01f

HTTP Headers

GET /play.php?vid=9ccd11855 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; path=/
watched_video_list=ODg3; expires=Thu, 07-Dec-2023 22:00:31 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding

mail.mycima.cc/templates/3arbserv/css/bootstrap.min.css

195.3.220.45

200 OK

121 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/bootstrap.min.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (65360), with CRLF line terminators
Size
121 kB (121253 bytes)
Hash
057c5534becfdb2d50350cbacfb8fa8c
aee8eea23cc9ade1f7e3de672f57a9f79e9e1516
00cce1553100d450fad1142957e5a2c793a1c5ba7877f5a119c704eb6acc1313

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 121253
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2019 09:05:50 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/custom2.css?v=2

195.3.220.45

200 OK

42 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/custom2.css?v=2
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (6169), with CRLF line terminators
Size
42 kB (42362 bytes)
Hash
182b715de3f603e8ba4afcbb23998151
195778efe8fbb7292c2bb88fdcf1e74eef6f3653
7b7bf629e95f70350aef2045f55c58e43871de5a1c66f01022e61ee47cefa497

HTTP Headers

GET /templates/3arbserv/css/custom2.css?v=2 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 42362
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 08:12:37 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

code.jquery.com/jquery-migrate-1.2.1.min.js

151.101.66.137

200 OK

3.1 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7085)
Size
3.1 kB (3063 bytes)
Hash
eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 22:00:32 GMT
age: 6996236
x-served-by: cache-lga21931-LGA, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 187330
x-timer: S1701900033.696422,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2

mail.mycima.cc/templates/3arbserv/js/theme.js

195.3.220.45

200 OK

45 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/theme.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
Unicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators
Size
45 kB (44830 bytes)
Hash
d8176b4cb2798d51558fe707c55d7fbb
2d49a0b8afb91121d20469c210566fb8d21e82d6
497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9

HTTP Headers

GET /templates/3arbserv/js/theme.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 44830
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2019 08:11:54 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:34 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css

195.3.220.45

200 OK

14 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (13803), with CRLF line terminators
Size
14 kB (14003 bytes)
Hash
56a224ccaaf1ad3df6ee7dbbc019aeac
2ce1ef76b342a8fafda1e03a62b99be5340812bf
777a9e5bb5d35fd671e5b252c67a0cf462baa8258db145ef6ea7dadf4de4b481

HTTP Headers

GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 14003
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2016 09:46:42 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css

195.3.220.45

200 OK

35 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
35 kB (34818 bytes)
Hash
50650996f24f8595aca871946cf4bfc7
7fa88ac85d0f97dcd3c80c62a62dca78aedf73f2
16725d7575da85e45223fc328ae010003775db250fda7bfdec9dc1e1676437a4

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 34818
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2016 08:16:52 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/echo.rtl.css

195.3.220.45

200 OK

23 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/echo.rtl.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
23 kB (22855 bytes)
Hash
133de044f542e50c4a5eae2799e148ac
c028504cf9a957ca86d7f1a06371fdc085deaace
e64aa5acc7482eb1a727ee2962407ce824e6f3cb5e22ceda2f27a0dd72072743

HTTP Headers

GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 22855
Connection: keep-alive
Last-Modified: Mon, 06 May 2019 06:49:56 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js

195.3.220.45

200 OK

9.8 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (5325), with CRLF line terminators
Size
9.8 kB (9805 bytes)
Hash
d30d39ea7362e56afcdb14c1919e36b6
3d8ad768ea89003210bea45e8aacd038bae1ecf1
a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 9805
Connection: keep-alive
Last-Modified: Tue, 05 Mar 2019 09:42:54 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:34 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/js/jquery.typewatch.js

195.3.220.45

200 OK

1.7 kB

URL GET HTTP/1.1
mail.mycima.cc/js/jquery.typewatch.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (1440)
Size
1.7 kB (1745 bytes)
Hash
6915a93382a7b35f40987fd648b43f9d
b78c77cc774594df414a7b1fb99c28083d85bb80
1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b

HTTP Headers

GET /js/jquery.typewatch.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 1745
Connection: keep-alive
Last-Modified: Mon, 06 May 2019 13:34:38 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:34 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/animate.min.css

195.3.220.45

200 OK

58 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/animate.min.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (319)
Size
58 kB (57990 bytes)
Hash
3d0a26b7c254da8c0d297e753ff23f65
877d0bcad6716a05066d9b6dab07e264f631a5f0
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb

HTTP Headers

GET /templates/3arbserv/css/animate.min.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 57990
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2019 08:00:48 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/melody.dev.js

195.3.220.45

200 OK

8.0 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/melody.dev.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with CRLF line terminators
Size
8.0 kB (7961 bytes)
Hash
c3bde81760af5b3df4d0c56ba06a0fca
ecf2f46def386ad8f62fad28edc36c8440f339cc
c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8

HTTP Headers

GET /templates/3arbserv/js/melody.dev.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 7961
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2019 08:11:40 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/js/bootstrap-notify.min.js

195.3.220.45

200 OK

8.2 kB

URL GET HTTP/1.1
mail.mycima.cc/js/bootstrap-notify.min.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
HTML document, ASCII text, with very long lines (595)
Size
8.2 kB (8216 bytes)
Hash
5ba070af9d1b1a2782851940de30879f
d33390fc88bf68bd23eb182d7dbc77f5227081b2
a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450

HTTP Headers

GET /js/bootstrap-notify.min.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 8216
Connection: keep-alive
Last-Modified: Mon, 06 May 2019 13:34:38 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/js/melody.dev.js

195.3.220.45

200 OK

23 kB

URL GET HTTP/1.1
mail.mycima.cc/js/melody.dev.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text
Size
23 kB (23108 bytes)
Hash
e238acf58475d3cdb95d614582134b24
b13c1da1f5254cb14f4f187bd5174ed0feb08a23
f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab

HTTP Headers

GET /js/melody.dev.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 23108
Connection: keep-alive
Last-Modified: Mon, 06 May 2019 13:34:38 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js

195.3.220.45

200 OK

20 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (343)
Size
20 kB (20042 bytes)
Hash
f6b6e524d29d54ada53e4172b9d91cf7
427153c7a2d83d2ca800e397779f29b857801ad2
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8

HTTP Headers

GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 20042
Connection: keep-alive
Last-Modified: Wed, 20 Apr 2016 07:26:54 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js

195.3.220.45

200 OK

9.5 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
Unicode text, UTF-8 text, with very long lines (5838), with CRLF line terminators
Size
9.5 kB (9535 bytes)
Hash
443045e7fcb603ba92e473b0ec11d2b2
8d9dd41c01b0f2738d6bd1a3984095570bbeb0df
8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 9535
Connection: keep-alive
Last-Modified: Tue, 05 Mar 2019 09:45:48 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jquery.cropit.js

195.3.220.45

200 OK

28 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jquery.cropit.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with very long lines (27266)
Size
28 kB (27578 bytes)
Hash
cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

HTTP Headers

GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 27578
Connection: keep-alive
Last-Modified: Tue, 07 Mar 2017 13:47:48 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js

195.3.220.45

200 OK

3.4 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
3.4 kB (3430 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/javascript
Content-Length: 3430
Connection: keep-alive
Last-Modified: Thu, 29 Oct 2015 08:29:54 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/css/echo.css

195.3.220.45

200 OK

329 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/css/echo.css
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
ASCII text, with CRLF line terminators
Size
329 kB (329195 bytes)
Hash
ddf860f5b206570261ecc17836030729
ade9251cb8b817c9686a075a15d59f4051e02ddd
992ceb90f0e31207c443dfd7dedcbcb1a0b612d0c9fe851bc838534d035181f7

HTTP Headers

GET /templates/3arbserv/css/echo.css HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: text/css
Content-Length: 329195
Connection: keep-alive
Last-Modified: Fri, 25 Mar 2022 14:00:17 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:32 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

mail.mycima.cc/uploads/avatars/avatar795-1.jpg

195.3.220.45

200 OK

4.8 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/avatars/avatar795-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 120x120, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
8d40b6ddc977a84433c3df9117e5e5ed
b6502d175ff51f1fa47545cbb7dda578e0197349
34d406af254166de7eaf86cd6754a1a74ea12070ed90d1b9390ed0fce2f10f0f

HTTP Headers

GET /uploads/avatars/avatar795-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 4805
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 20:45:32 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 13:58:35 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/f53ce693d-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/f53ce693d-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/f53ce693d-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:16 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:55 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/549bb1a1b-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/549bb1a1b-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/549bb1a1b-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:15 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/a9f91fd28-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/a9f91fd28-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/a9f91fd28-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:14 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/f6403566b-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/f6403566b-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/f6403566b-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:11 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID

142.250.74.168

200 OK

44 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (2213)
Size
44 kB (44246 bytes)
Hash
b2879a403e63dcfc26005653e866c8a9
7429fefed8a19ee6b7fd20a3607d6a08de14e22a
7228e6858bf9e791955d0a6095ba03abe211acffbb1e3f5b4adc86821d23eb0d

HTTP Headers

GET /gtag/js?id=GA_MEASUREMENT_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 22:00:32 GMT
expires: Wed, 06 Dec 2023 22:00:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail.mycima.cc/uploads/thumbs/8144052bd-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/8144052bd-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/8144052bd-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:19 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/9ac2de942-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/9ac2de942-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/9ac2de942-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:18 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/d61503d6a-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/d61503d6a-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/d61503d6a-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:16 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

142.250.74.74

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33507 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:01:27 GMT
expires: Wed, 04 Dec 2024 02:01:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 158345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail.mycima.cc/uploads/thumbs/4a49f12fa-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/4a49f12fa-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/4a49f12fa-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:17 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

i.ibb.co/QHn7LZh/images.png

162.19.58.161

200 OK

5.2 kB

URL GET HTTP/2
i.ibb.co/QHn7LZh/images.png
IP
162.19.58.161:443
ASN
#16276 OVH SAS

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectibb.co
FingerprintCC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
ValidityMon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT

File type
PNG image data, 348 x 145, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5175 bytes)
Hash
a766d8c1a622eaf6f8c61923eb7b2ffa
0451f3b28a9d3ba5e86db5bf84647b2695d281df
c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea

HTTP Headers

GET /QHn7LZh/images.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: image/png
content-length: 5175
last-modified: Mon, 16 Oct 2023 14:16:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

mail.mycima.cc/uploads/thumbs/31040b402-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/31040b402-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/31040b402-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:14 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/ae042c317-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/ae042c317-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/ae042c317-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:12 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/25878a6a1-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/25878a6a1-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/25878a6a1-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:14 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:55 GMT
Accept-Ranges: bytes

w26.my-cima.net/uploads/articles/369b4163.jpg

195.3.220.45

200 OK

31 kB

URL GET HTTP/1.1
w26.my-cima.net/uploads/articles/369b4163.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x450, components 3\012- data
Size
31 kB (31228 bytes)
Hash
dbfb934d118b4e1235e55ce22039f5ee
fdfd087cff4a8c088c1a4f1860d370f7ca8c76d3
4d565b70c64a8d4241a58aea5e22c9a565280f8e2e65f421946f529c0fa94cbb

HTTP Headers

GET /uploads/articles/369b4163.jpg HTTP/1.1
Host: w26.my-cima.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 31228
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:21 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:36:51 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/ddfbe5693-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/ddfbe5693-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/ddfbe5693-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:14 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

arglingpistole.com/1clkn/55455

23.109.248.169

200 OK

26 B

URL GET HTTP/1.1
arglingpistole.com/1clkn/55455
IP
23.109.248.169:443
ASN
#7979 SERVERS-COM

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectarglingpistole.com
Fingerprint87:64:72:B5:26:76:E5:AC:DC:F7:E4:19:06:30:15:BE:42:B7:37:AA
ValidityTue, 24 Oct 2023 23:10:53 GMT - Mon, 22 Jan 2024 23:10:52 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/55455 HTTP/1.1
Host: arglingpistole.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Thu, 07-Dec-2023 22:00:33 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Thu, 07-Dec-2023 22:00:33 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

mail.mycima.cc/uploads/thumbs/a3b584c16-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/a3b584c16-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/a3b584c16-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:15 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/1594078cc-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/1594078cc-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/1594078cc-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:15 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/4a35377fb-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/4a35377fb-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/4a35377fb-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:12 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/33ec9303d-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/33ec9303d-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/33ec9303d-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:14 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/img/pm-avatar.png

195.3.220.45

200 OK

2.1 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/img/pm-avatar.png
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2135 bytes)
Hash
be7a1517b84d3548fdb863e78c72a3fe
91a88cc99f02e7ed22274fc3a6f42c6a3148ef0d
bd2021d52dbb110212c08885e0dab9580282334d6f1d1e50b8da0270ce8c475e

HTTP Headers

GET /templates/3arbserv/img/pm-avatar.png HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/png
Content-Length: 2135
Connection: keep-alive
Last-Modified: Tue, 19 Apr 2016 15:56:34 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 13:58:35 GMT
Accept-Ranges: bytes

mail.mycima.cc/uploads/thumbs/bcb1b6623-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/bcb1b6623-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/bcb1b6623-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:15 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 22:00:32 GMT
Accept-Ranges: bytes

mail.mycima.cc/social-thumb.php?vid=9ccd11855

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/social-thumb.php?vid=9ccd11855
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (21233 bytes)
Hash
1048f1506b424961aaa06a3bb236dee0
325e012b1a08f196008dd9303af43d98ac394460
115c22d9534a7c1ac4f5269e16acfecf43af04c4ecfd294fc9e15abe307a7b5e

HTTP Headers

GET /social-thumb.php?vid=9ccd11855 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 21233
Connection: keep-alive
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:55 GMT

mail.mycima.cc/uploads/thumbs/4d5a15b52-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/4d5a15b52-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/4d5a15b52-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:17 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:41 GMT
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/img/icon-play-32.png

195.3.220.45

200 OK

2.4 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/img/icon-play-32.png
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2413 bytes)
Hash
35bd95e97ff446debcc363482550378d
91c8d90e0524e5346aa4f3ae0806893db5d95959
eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75

HTTP Headers

GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/templates/3arbserv/css/echo.css
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/png
Content-Length: 2413
Connection: keep-alive
Last-Modified: Sat, 05 Mar 2022 10:18:44 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 13:58:38 GMT
Accept-Ranges: bytes

netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.11.207

200 OK

64 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:13
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 430b664eb2060353deb973069cf40ac7
cdn-cache: HIT
cf-cache-status: HIT
age: 603904
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8317cd681f695688-OSL
alt-svc: h3=":443"; ma=86400

mail.mycima.cc/uploads/thumbs/376ec4ce4-1.jpg

195.3.220.45

200 OK

21 kB

URL GET HTTP/1.1
mail.mycima.cc/uploads/thumbs/376ec4ce4-1.jpg
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x270, components 3\012- data
Size
21 kB (20763 bytes)
Hash
0ed167c86ffd31d8c5014d9ac1db92da
646b05a87305ee73e1e8760313f7a54a92df2366
8dbe80d42bfb3f8f023fdddc1bd8c384252129cb981756168f0873ba1a9503c1

HTTP Headers

GET /uploads/thumbs/376ec4ce4-1.jpg HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:31 GMT
Content-Type: image/jpeg
Content-Length: 20763
Connection: keep-alive
Last-Modified: Sun, 11 Sep 2022 14:13:16 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 21:59:55 GMT
Accept-Ranges: bytes

mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js

195.3.220.45

200 OK

3.4 kB

URL GET HTTP/1.1
mail.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
3.4 kB (3430 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: text/javascript
Content-Length: 3430
Connection: keep-alive
Last-Modified: Thu, 29 Oct 2015 08:29:54 GMT
Cache-Control: max-age=31536000
Expires: Thu, 05 Dec 2024 13:58:35 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Size
31 kB (31248 bytes)
Hash
436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

HTTP Headers

GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:31:36 GMT
expires: Wed, 04 Dec 2024 02:31:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
age: 156537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w26.my-cima.net/uploads/custom-logo.png

195.3.220.45

200 OK

1.7 kB

URL GET HTTP/1.1
w26.my-cima.net/uploads/custom-logo.png
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 261 x 80, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1695 bytes)
Hash
3e53d26a827b96ee64d9acd4e9f6ca8c
dce6ba3cd6bb744cbf18af7845d6b2b6656d93d2
7528a0ef939cd8a7234300f5f244b8603a65f252beaa4fb4d69c564ba70c01e0

HTTP Headers

GET /uploads/custom-logo.png HTTP/1.1
Host: w26.my-cima.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:32 GMT
Content-Type: image/png
Content-Length: 1695
Connection: keep-alive
Last-Modified: Sat, 25 Nov 2023 18:36:24 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 13:56:25 GMT
Accept-Ranges: bytes

my.rtmark.net/gid.js?userId=95162b0364d442e5935353201ae6cffa

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=95162b0364d442e5935353201ae6cffa
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
c34768b3200af3251a680533b76d6031
27aaa21cf393e7f639bc09388367bb8aef2d5109
09cbd512b438418bd6ec29b90ac1619057bcbd5a0a7299e6c8153a4e75918684

HTTP Headers

GET /gid.js?userId=95162b0364d442e5935353201ae6cffa HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mail.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=95162b0364d442e5935353201ae6cffa; expires=Thu, 05 Dec 2024 22:00:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

cimastream.xyz/embed-n2b52dw3uezr.html

172.67.159.19

200 OK

11 kB

URL GET HTTP/2
cimastream.xyz/embed-n2b52dw3uezr.html
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5314)
Size
11 kB (11431 bytes)
Hash
cf95f44981dc5414a8a7f9cbeb64311e
978d972f98851036b663768acfbefb768fc12c33
db33da0ed0c1e162198af37a66909facee96d5db3131f5fa852ded864968290a

HTTP Headers

GET /embed-n2b52dw3uezr.html HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 05 Dec 2023 22:00:33 GMT
set-cookie: lang=1; domain=.cimastream.xyz; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkxyZWw3Kb7vS%2FCFpo1h6DHbhLtT2seu%2FbMW346Fe15tbl45m1pwOV0rubWYBokVUe3Gv3ObbIRs1JuFPvq%2FuIoBnyX72G1h4%2BEGblOevVUIRBE%2BWsLe7xVXMu%2FpcO9%2FDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd679c16b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (86242 bytes)
Hash
70e1d17c523cf435351f65e6b7912ed3
574d591ed6194de6a12d570c1a0a67ea23fb2f96
f5470a6bd0eb5370dee6843cebc245eb62003d66a111e554986b2c34aa8461b3

HTTP Headers

GET /gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 22:00:33 GMT
expires: Wed, 06 Dec 2023 22:00:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/i/01/00088/n2b52dw3uezr_xt.jpg

46.4.244.54

200 OK

23 kB

URL GET HTTP/1.1
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/i/01/00088/n2b52dw3uezr_xt.jpg
IP
46.4.244.54:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerSectigo Limited
Subject*.liiivideo.com
FingerprintBC:CC:BE:99:31:4B:F5:C7:E1:6A:4B:A2:D3:39:8A:24:AE:48:92:CB
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x282, components 3\012- data
Size
23 kB (22946 bytes)
Hash
7925ac89afd4e75dd4d20ede29472565
c25a8943433313f893ec63f3c39ac7cbe6e77fac
035f62af77ac3af092beeb7ffc286274cff6a9400f1281c7b1fb3a62792b0d9e

HTTP Headers

GET /i/01/00088/n2b52dw3uezr_xt.jpg HTTP/1.1
Host: qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:33 GMT
Content-Type: image/jpeg
Content-Length: 22946
Last-Modified: Wed, 06 Dec 2023 20:35:04 GMT
Connection: keep-alive
ETag: "6570daf8-59a2"
Expires: Wed, 13 Dec 2023 22:00:33 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

goomaphy.com/500/6219621?excludes=&oaid=95162b0364d442e5935353201ae6cffa&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.239

200 OK

0 B

URL GET HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=95162b0364d442e5935353201ae6cffa&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
Fingerprint76:09:CE:CA:DB:32:34:61:6D:9D:6E:FC:84:17:F2:07:82:3C:FE:73
ValidityMon, 13 Nov 2023 05:07:14 GMT - Sun, 11 Feb 2024 05:07:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6219621?excludes=&oaid=95162b0364d442e5935353201ae6cffa&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://mail.mycima.cc/
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://mail.mycima.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1374
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 06 Dec 2023 22:01:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mail.mycima.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

cimastream.xyz/player/jw8/jwplayer.js?v=3

172.67.159.19

200 OK

43 kB

URL GET HTTP/3
cimastream.xyz/player/jw8/jwplayer.js?v=3
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
Unicode text, UTF-8 text, with very long lines (65505)
Size
43 kB (42905 bytes)
Hash
767ac1457163550aa23b4fdf78c1c8a4
cc6770ef0988a4aa03a1d3996ac3aaabe3019f17
9b727eef94489ae13ea6f53a25e26e866f24ccc4f989ef3f33569554b59d1378

HTTP Headers

GET /player/jw8/jwplayer.js?v=3 HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=120885
expires: Sun, 31 Dec 2023 01:18:18 GMT
last-modified: Fri, 06 Oct 2023 04:22:12 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 506200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2ktLEPU2FA2fZaDO1BgT2EyYrEbTl9W6riFQTWpX5ibZ5hcd8Th7aqhStjpdkwMr7Pqw%2BehKHv8e0izt3Qx5pHZYFuDbFtu7nK%2Fb5q3C8TOVnIwg%2BWfiiDFrp%2FrZsvPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a5f6d56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/index-v1-a1.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0

46.4.244.54

200 OK

1.1 kB

URL GET HTTP/1.1
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/index-v1-a1.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0
IP
46.4.244.54:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerSectigo Limited
Subject*.liiivideo.com
FingerprintBC:CC:BE:99:31:4B:F5:C7:E1:6A:4B:A2:D3:39:8A:24:AE:48:92:CB
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
1.1 kB (1146 bytes)
Hash
ad314f80758746976619bc1c718ec822
93acf0f7e62e30c5b4555a6c329bf64dd989f476
79011ba0e50380f0b93af4c4a3f13939b1783f7c2a627f1fdbbbe426b6a025e0

HTTP Headers

GET /hls2/01/00088/n2b52dw3uezr_n/index-v1-a1.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0 HTTP/1.1
Host: qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cimastream.xyz
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Wed, 06 Dec 2023 22:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 15 Mar 2024 22:00:34 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Content-Encoding: gzip

mail.mycima.cc/favicons/android-icon-192x192.png

195.3.220.45

200 OK

22 kB

URL GET HTTP/1.1
mail.mycima.cc/favicons/android-icon-192x192.png
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22310 bytes)
Hash
dcf7d645053c0bb7e0edd25960004324
5951f5ffde7d819e499f69540b0d95cc39d0a8bd
ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700

HTTP Headers

GET /favicons/android-icon-192x192.png HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3; prefetchAd_6205538=true; _ga_VSQY3XNP44=GS1.1.1701900040.1.0.1701900040.0.0.0; _ga=GA1.1.1053909491.1701900040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:33 GMT
Content-Type: image/png
Content-Length: 22310
Connection: keep-alive
Last-Modified: Tue, 08 Mar 2022 13:43:53 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 13:59:01 GMT
Accept-Ranges: bytes

cimastream.xyz/player/jw8/provider.hlsjs.js

172.67.159.19

200 OK

2.2 MB

URL GET HTTP/3
cimastream.xyz/player/jw8/provider.hlsjs.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (65167)
Size
2.2 MB (2230775 bytes)
Hash
19342ddc90d56def012d0dc8cdf237b5
c63641167d8a3a9ec0e7c71503dc6c532087bf7f
2bba97f1106355e6a26d675c92203b8224198ae00116cd46021a71785e5234a5

HTTP Headers

GET /player/jw8/provider.hlsjs.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=386462
expires: Sun, 31 Dec 2023 01:18:19 GMT
last-modified: Fri, 18 Nov 2022 13:44:16 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 506200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIj7dCWMYMs%2Bzb6BPZfm1jqqSm%2B%2BOznj84VCP6crN8bSQ81rrq8Ep0AJ0QZ6lwGOPfvuYXrEDSIz9nijCxWg8Eepz3SI0%2BDVun%2BHCzhQTdO4OOZuD42lc6hGcJb%2BdhFB%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6b88d856bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

139.45.197.239

200 OK

2.3 kB

URL GET HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=95162b0364d442e5935353201ae6cffa&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
Fingerprint76:09:CE:CA:DB:32:34:61:6D:9D:6E:FC:84:17:F2:07:82:3C:FE:73
ValidityMon, 13 Nov 2023 05:07:14 GMT - Sun, 11 Feb 2024 05:07:13 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
2.3 kB (2284 bytes)
Hash
845fd416b3b7e2cef7379806c079ca8b
29840ce85339c663bd9523fccc206e29a4104d46
4230b30664afd69cabd0ae91aeda906adfa420ba219be7787c8b19fc1d58e0f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/6219621?excludes=&oaid=95162b0364d442e5935353201ae6cffa&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Cookie: OAID=c843e7358afe4b1bb738c9a2011c513b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:34 GMT
content-type: application/javascript
x-trace-id: 7619f8bb7a5079f54d60e0d2234d32a1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://mail.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=95162b0364d442e5935353201ae6cffa; expires=Thu, 05 Dec 2024 22:00:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg

104.22.33.172

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (12858 bytes)
Hash
97ce600e62eb53788c1920257cdefb80
bcbc75eeb3e4e2ca5f286d55888069d9469b4828
eb036f274e243cdae4222876aca351e5d9bf65d83e32aa476e4d58df266063a1

HTTP Headers

GET /www/images/97ce600e62eb53788c1920257cdefb80.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:34 GMT
content-type: image/jpeg
content-length: 12858
cache-control: max-age=86400
cf-bgj: h2pri
etag: "656ef9c7-323a"
expires: Thu, 07 Dec 2023 10:33:05 GMT
last-modified: Tue, 05 Dec 2023 10:21:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 41249
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317cd71b9d92e01-ARN
X-Firefox-Spdy: h2

qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/seg-2-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0

46.4.244.54

200 OK

2.3 MB

URL GET HTTP/1.1
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/seg-2-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0
IP
46.4.244.54:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerSectigo Limited
Subject*.liiivideo.com
FingerprintBC:CC:BE:99:31:4B:F5:C7:E1:6A:4B:A2:D3:39:8A:24:AE:48:92:CB
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type
MPEG transport stream data\012- TeX font metric data (\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377)\012- data
Size
2.3 MB (2304504 bytes)
Hash
6ad5b220c3a683c0e77adaa3f57942a2
92471692c8bbf038fd0dc8ed762b0a0926f93958
0cda27c6f7b0edfd776b2c8ac34a846ae50e7c0e4a723fde40cee412b4b88c9b

HTTP Headers

GET /hls2/01/00088/n2b52dw3uezr_n/seg-2-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0 HTTP/1.1
Host: qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cimastream.xyz
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: video/MP2T
Content-Length: 2304504
Connection: keep-alive
Expires: Fri, 15 Mar 2024 22:00:34 GMT
ETag: "5f693e80-2329f8"
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

mail.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1

195.3.220.45

200 OK

42 B

URL GET HTTP/1.1
mail.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 5 Feb 1986 06:06:06 GMT
Cache-Control: must-revalidate

mail.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1

195.3.220.45

200 OK

42 B

URL GET HTTP/1.1
mail.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 5 Feb 1986 06:06:06 GMT
Cache-Control: must-revalidate

mail.mycima.cc/include/securimage_show.php?sid=0b69cce3948d3e12c7bed4cf50be2a54

195.3.220.45

200 OK

3.0 kB

URL GET HTTP/1.1
mail.mycima.cc/include/securimage_show.php?sid=0b69cce3948d3e12c7bed4cf50be2a54
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.0 kB (2958 bytes)
Hash
b00ca059d025cf4d63f8bd695ff3d15c
c055bf1cd16571cb510441553b004e5840fd6465
0d84ce1f856a2580182b832d02e74abfe5d8766968000baab6847ccd4016fe03

HTTP Headers

GET /include/securimage_show.php?sid=0b69cce3948d3e12c7bed4cf50be2a54 HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT

mail.mycima.cc/include/securimage_show.php?sid=43d8c7872afe4206850b71d02877d16d

195.3.220.45

200 OK

3.1 kB

URL GET HTTP/1.1
mail.mycima.cc/include/securimage_show.php?sid=43d8c7872afe4206850b71d02877d16d
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.1 kB (3131 bytes)
Hash
0a4ed5a607baa39b7efff653ae4e09a8
f49ec670937e61374923fa4e0f072831bd1e4953
5c95c05de9c5d81f30d6c1dedd31b83eb9b2be3f1836d4761d26ec263083d49d

HTTP Headers

GET /include/securimage_show.php?sid=43d8c7872afe4206850b71d02877d16d HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT

mail.mycima.cc/include/securimage_show.php?sid=c67bbfceb0cc7ac45fc89a966638246f

195.3.220.45

200 OK

3.2 kB

URL GET HTTP/1.1
mail.mycima.cc/include/securimage_show.php?sid=c67bbfceb0cc7ac45fc89a966638246f
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.2 kB (3220 bytes)
Hash
021a202a9c6dec634f9e5f4a7bfc9358
72d0e008c5c1687b596d23730d49a91655e3921a
59c404ec472e87584ff2a7467467a36798384ed31dc0824addd3587c8cb8bf06

HTTP Headers

GET /include/securimage_show.php?sid=c67bbfceb0cc7ac45fc89a966638246f HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT

goomaphy.com/impression/mkq-IXa18oG31wftUbAhVqlGEluK-yZxxp5GMpHWfyyGzArsd45C2_MbDBJMeejBY94omL1r5NVf8YH6j6OyKb16MYkWJFJPpqbGW9YsZGx5b89uyzpEq1V2icDWMjBUY62JEpHA3MNVgKlCLBYVpQ6Quy-ADUcojeGtXRfzyacNuU75puuVHawjfppblntneBop7kWBw8BOef4E8beRNcZ3Mk_vOD0ttZXt0k-FvTPQ5cK34yKZusPL58_CGB6Vly0WielHhWTPG87zgaezGkikBBageyP4AT3NUbZcCvebpesauVN1ETrIt4eC5dcide6Tv9RY0bEPH5RjsU7GSoy2BT7GjswwC_LmkLn88d9MmlteRKySw7iDxZKnKQZ1-tbqrZRnBLXo3yVDfQETp6u-cRnwU5voyS7wmaDBxPHV9qn7UKpVdklQeIg4dJDHM_YDIThRN41fYvfaQA6ok1bX1sfk4b75OfBArCb2DK5gvGMvFnHSNZjFJt-GMYuNdZWNQn7Hob-BGwSpXL-nf-wvkZcZytoJK0NHB4aOSdufHmLmIBf2jBF-mfjlVFAXZxFm-T_9RDMapFzgV0ldyA==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
goomaphy.com/impression/mkq-IXa18oG31wftUbAhVqlGEluK-yZxxp5GMpHWfyyGzArsd45C2_MbDBJMeejBY94omL1r5NVf8YH6j6OyKb16MYkWJFJPpqbGW9YsZGx5b89uyzpEq1V2icDWMjBUY62JEpHA3MNVgKlCLBYVpQ6Quy-ADUcojeGtXRfzyacNuU75puuVHawjfppblntneBop7kWBw8BOef4E8beRNcZ3Mk_vOD0ttZXt0k-FvTPQ5cK34yKZusPL58_CGB6Vly0WielHhWTPG87zgaezGkikBBageyP4AT3NUbZcCvebpesauVN1ETrIt4eC5dcide6Tv9RY0bEPH5RjsU7GSoy2BT7GjswwC_LmkLn88d9MmlteRKySw7iDxZKnKQZ1-tbqrZRnBLXo3yVDfQETp6u-cRnwU5voyS7wmaDBxPHV9qn7UKpVdklQeIg4dJDHM_YDIThRN41fYvfaQA6ok1bX1sfk4b75OfBArCb2DK5gvGMvFnHSNZjFJt-GMYuNdZWNQn7Hob-BGwSpXL-nf-wvkZcZytoJK0NHB4aOSdufHmLmIBf2jBF-mfjlVFAXZxFm-T_9RDMapFzgV0ldyA==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
Fingerprint76:09:CE:CA:DB:32:34:61:6D:9D:6E:FC:84:17:F2:07:82:3C:FE:73
ValidityMon, 13 Nov 2023 05:07:14 GMT - Sun, 11 Feb 2024 05:07:13 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/mkq-IXa18oG31wftUbAhVqlGEluK-yZxxp5GMpHWfyyGzArsd45C2_MbDBJMeejBY94omL1r5NVf8YH6j6OyKb16MYkWJFJPpqbGW9YsZGx5b89uyzpEq1V2icDWMjBUY62JEpHA3MNVgKlCLBYVpQ6Quy-ADUcojeGtXRfzyacNuU75puuVHawjfppblntneBop7kWBw8BOef4E8beRNcZ3Mk_vOD0ttZXt0k-FvTPQ5cK34yKZusPL58_CGB6Vly0WielHhWTPG87zgaezGkikBBageyP4AT3NUbZcCvebpesauVN1ETrIt4eC5dcide6Tv9RY0bEPH5RjsU7GSoy2BT7GjswwC_LmkLn88d9MmlteRKySw7iDxZKnKQZ1-tbqrZRnBLXo3yVDfQETp6u-cRnwU5voyS7wmaDBxPHV9qn7UKpVdklQeIg4dJDHM_YDIThRN41fYvfaQA6ok1bX1sfk4b75OfBArCb2DK5gvGMvFnHSNZjFJt-GMYuNdZWNQn7Hob-BGwSpXL-nf-wvkZcZytoJK0NHB4aOSdufHmLmIBf2jBF-mfjlVFAXZxFm-T_9RDMapFzgV0ldyA==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Cookie: OAID=95162b0364d442e5935353201ae6cffa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:38 GMT
content-type: image/gif
content-length: 43
x-trace-id: cc7d5b61f7f002677d54594894d60a87
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg

104.22.33.172

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/97ce600e62eb53788c1920257cdefb80.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (12858 bytes)
Hash
97ce600e62eb53788c1920257cdefb80
bcbc75eeb3e4e2ca5f286d55888069d9469b4828
eb036f274e243cdae4222876aca351e5d9bf65d83e32aa476e4d58df266063a1

HTTP Headers

GET /www/images/97ce600e62eb53788c1920257cdefb80.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:39 GMT
content-type: image/jpeg
content-length: 12858
cache-control: max-age=86400
cf-bgj: h2pri
etag: "656ef9c7-323a"
expires: Thu, 07 Dec 2023 10:33:05 GMT
last-modified: Tue, 05 Dec 2023 10:21:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 41254
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317cd8cf98a2e01-ARN
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:54:00 GMT
expires: Wed, 04 Dec 2024 03:54:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 151599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 579785
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

27 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (26548)
Size
27 kB (26711 bytes)
Hash
0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"0831cba6a670e405168b84aa20798347"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 11/18/2022 06:19:10
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2562857f0a167db0963d48453a4431f8
cdn-cache: HIT
cf-cache-status: HIT
age: 1190314
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8317cd63dae21c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mail.mycima.cc/favicons/favicon-16x16.png

195.3.220.45

200 OK

1.0 kB

URL GET HTTP/1.1
mail.mycima.cc/favicons/favicon-16x16.png
IP
195.3.220.45:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectwww.b.mycima.cc
Fingerprint97:A4:3D:E9:8D:93:0C:D6:CB:7F:04:8E:B0:0A:1A:9D:6B:C6:CA:08
ValidityWed, 18 Oct 2023 15:57:12 GMT - Tue, 16 Jan 2024 15:57:11 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1017 bytes)
Hash
2f9e3795889ec567bbb1124b6b1f73c8
1587f8e10111dda099a9453850224807334ec44b
c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: mail.mycima.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/play.php?vid=9ccd11855
Cookie: PHPSESSID=b5f3f6e45ecb1307fa7cec3086ccb4ee; watched_video_list=ODg3; prefetchAd_6205538=true; _ga_VSQY3XNP44=GS1.1.1701900040.1.0.1701900040.0.0.0; _ga=GA1.1.1053909491.1701900040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:33 GMT
Content-Type: image/png
Content-Length: 1017
Connection: keep-alive
Last-Modified: Tue, 08 Mar 2022 13:44:34 GMT
Cache-Control: max-age=2592000
Expires: Fri, 05 Jan 2024 14:02:21 GMT
Accept-Ranges: bytes

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

11 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
11 kB (10615 bytes)
Hash
dbdc7ee435c6a7f4277bfc7fedf28368
8194a5d7e0108bed7abb001d8bf2b8985a5aa2ca
91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 22:00:39 GMT
date: Wed, 06 Dec 2023 22:00:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cimastream.xyz/js/jquery.min.js

172.67.159.19

200 OK

90 kB

URL GET HTTP/3
cimastream.xyz/js/jquery.min.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 03 Mar 2021 00:27:20 GMT
expires: Sun, 31 Dec 2023 01:18:26 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 504156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BWoIghH2h%2BBB%2FVi3fYVZWQlrMvjtygzI3yqqDWLtQvyKG4P%2FiQyJ%2Fz582idOUPZSgmE1Oz4tJfqmaj%2F3qNCEIMU8Tj%2BJxj3HCVi8I2iPki1QtZV%2BChIEGxyyrmeIQxSOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a4f6456bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cimastream.xyz/js/xupload.js

172.67.159.19

200 OK

8.1 kB

URL GET HTTP/3
cimastream.xyz/js/xupload.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (8234), with no line terminators
Size
8.1 kB (8081 bytes)
Hash
f0ee8f81b932f96847de36e09b092022
aee065f6f4658d6e6a30e6251ea1b045f5e10d51
f6049f67c920c8ad693f41801eed315e6a2cef7bfac8fd8d8c66b5566b23a2b0

HTTP Headers

GET /js/xupload.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=10790
expires: Sun, 31 Dec 2023 01:18:26 GMT
last-modified: Thu, 12 Jan 2023 11:18:46 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 504156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2gx%2Br%2B5mLtx3SrYCeTww3HYvOtyUHVBLjs3L6ANXJuk8sFj2a3EpMWqbVW06MwsEnKYuYPeQR1ot%2FCZFClal8YubyEyJ9aTrDmY0ZFR0XbTYhDaqI%2F5ogC42XSv25v8TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a5f6756bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

augailou.com/?rb=Z2P45iZXv4liZmtwzIwFJ3mS6vcddmu-dkeRcs1dY-f0xvvoeJIBwT6MeD-A-hwvzcQdzTqlBCKAu1JAEXw_60h1Ryr_-fC-KALsIAcs7HWiG-_G7sZk3w31s8clzjbw3NjSWbo2neHRQN3XH5ZRqlh010bMXbZ6uQvNYtD3JRkXNcZPXc2nOsqVmjWiFVhbVbwUmTt-vfQhk1d4QcjljNbgMEiywqK_4x0U-4dlNR8%3D&request_ab2=0&zoneid=6205538&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=8c2b1880-4307-4f4a-9edf-0995de5c4bda&userId=95162b0364d442e5935353201ae6cffa&m=link

139.45.197.243

200 OK

2.3 kB

URL GET HTTP/2
augailou.com/?rb=Z2P45iZXv4liZmtwzIwFJ3mS6vcddmu-dkeRcs1dY-f0xvvoeJIBwT6MeD-A-hwvzcQdzTqlBCKAu1JAEXw_60h1Ryr_-fC-KALsIAcs7HWiG-_G7sZk3w31s8clzjbw3NjSWbo2neHRQN3XH5ZRqlh010bMXbZ6uQvNYtD3JRkXNcZPXc2nOsqVmjWiFVhbVbwUmTt-vfQhk1d4QcjljNbgMEiywqK_4x0U-4dlNR8%3D&request_ab2=0&zoneid=6205538&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=8c2b1880-4307-4f4a-9edf-0995de5c4bda&userId=95162b0364d442e5935353201ae6cffa&m=link
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintE0:0C:00:44:87:43:31:19:C2:B7:27:67:A4:64:F4:85:B0:0D:D7:36
ValiditySat, 28 Oct 2023 05:47:21 GMT - Fri, 26 Jan 2024 05:47:20 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2300), with no line terminators
Size
2.3 kB (2279 bytes)
Hash
3b0e651202d50b793aaaa66847d34ee9
c498ee6ba1242d292dd524501a74754e2a70d0de
c81461b111a2ef34c2b03e297a8452e0a610922b661e774f1fa12dc49c3073eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=Z2P45iZXv4liZmtwzIwFJ3mS6vcddmu-dkeRcs1dY-f0xvvoeJIBwT6MeD-A-hwvzcQdzTqlBCKAu1JAEXw_60h1Ryr_-fC-KALsIAcs7HWiG-_G7sZk3w31s8clzjbw3NjSWbo2neHRQN3XH5ZRqlh010bMXbZ6uQvNYtD3JRkXNcZPXc2nOsqVmjWiFVhbVbwUmTt-vfQhk1d4QcjljNbgMEiywqK_4x0U-4dlNR8%3D&request_ab2=0&zoneid=6205538&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=1&pl=https%3A%2F%2Fmail.mycima.cc%2Fplay.php%3Fvid%3D9ccd11855&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=8c2b1880-4307-4f4a-9edf-0995de5c4bda&userId=95162b0364d442e5935353201ae6cffa&m=link HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail.mycima.cc/
Origin: https://mail.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=95162b0364d442e5935353201ae6cffa; oaidts=1701900033
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:34 GMT
content-type: application/json
x-trace-id: 17c49109417314cffcf7ffe203043721
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mail.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=95162b0364d442e5935353201ae6cffa; expires=Thu, 05 Dec 2024 22:00:33 GMT; path=/; secure; SameSite=None
oaidts=1701900033; expires=Thu, 05 Dec 2024 22:00:33 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 13 Dec 2023 22:00:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cimastream.xyz/css/main.css

172.67.159.19

200 OK

39 kB

URL GET HTTP/3
cimastream.xyz/css/main.css
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (38568), with no line terminators
Size
39 kB (38568 bytes)
Hash
6ca3420513275986e2e75eae84e94ff3
b914d6aa1ba8838bf779c0dbd40a2c969515e5ab
495335e7a612583096b393d2d8c4c98a96c8a938797631e3ce3f5de497ae7046

HTTP Headers

GET /css/main.css HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=49243
expires: Sun, 31 Dec 2023 01:18:26 GMT
last-modified: Thu, 18 May 2023 18:01:36 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 504156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YPS1FXq14%2BfHu%2FebqH8oEkCvxGEv%2F2fNz8OBmEe%2FEV%2FoeVOkCFtn7C4mTsflwoq993dedoLax7rDcyocWje5zG35cMIGoGYWqbkjy3N%2F7%2BBNsR1gktAzggVFDaIN42RQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a4f6056bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
FingerprintF2:F3:F8:C4:40:73:B6:FE:DD:58:70:D7:13:25:D2:51:21:88:50:0B
ValiditySun, 03 Dec 2023 17:24:18 GMT - Sat, 02 Mar 2024 17:24:17 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFaWusBMAmvyQX4KeS8PpE8f4dv4FGmd04plyk9bw3TyfDKDTUUZPApIxtnv7I%2B8Z2nt%2BF8pJslgIqeXN7q9ILFXpWjzoG2PU9uQhvDVBDG4Ty7a%2FuIWDn%2FYla%2FLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8317cd6aff7f56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
12 kB (11978 bytes)
Hash
06596cfa2dee431129c328e050b9fb2a
1a991c51ab2b2da5647e83f481e7d18d60a45b3b
bf6fe0ffee1d57731da4d1cf3cfe88e1effa9b36c51a85018a91ed43b91c3de6

HTTP Headers

GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 22:00:32 GMT
date: Wed, 06 Dec 2023 22:00:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cimastream.xyz/js/localstorage-slim.js

172.67.159.19

200 OK

2.1 kB

URL GET HTTP/3
cimastream.xyz/js/localstorage-slim.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (2079), with no line terminators
Size
2.1 kB (2063 bytes)
Hash
66b63b5fefbe179c0fd09e63c11b7e12
e657b7d46921bec0bcbd746339ccc03ef4690036
52eb05218aa889bcc3b78062d496c747a04db5126648bd3a57cf8c43e3039bf2

HTTP Headers

GET /js/localstorage-slim.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=2064
expires: Sun, 31 Dec 2023 01:18:18 GMT
last-modified: Tue, 16 Nov 2021 13:32:06 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 506200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9jSLz9VJ2WLe9ETm5Cok4316W3PGm6q1Py%2BY5hPVN5s%2B8J61IlRUR0F6PSk57kfqqmyPWRaD32hCkUScUPna9NPQpx%2FBAMkNgbT4sB0mrAVvkeXdNRpCZFwNaVYDLamww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a5f7256bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cimastream.xyz/player/jw8/jwplayer.core.controls.js

172.67.159.19

200 OK

333 kB

URL GET HTTP/3
cimastream.xyz/player/jw8/jwplayer.core.controls.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type

Size
333 kB (333075 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /player/jw8/jwplayer.core.controls.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=333097
expires: Sun, 31 Dec 2023 01:18:19 GMT
last-modified: Fri, 06 Oct 2023 07:17:31 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 506200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fd%2Fxb9%2FZFEQfefD5xGhkihZmrkZWEuOZOJCpjjEB5XGKBTs5PORDLQ7ph6NcHtgL1MQKYlFidQHMG8N1jZ%2FSDEihNhUyZ1FcJHpbnl5qbSe3QxPLjEPgzGgi87npeUFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6b88d656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

104.18.11.207

200 OK

32 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (31650)
Size
32 kB (31819 bytes)
Hash
abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

HTTP Headers

GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 22:00:32 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"abda843684d022f3bc22bc83927fe05f"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 05/01/2023 21:10:53
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f68ebb2ba27044455e99c567be520fcb
cdn-cache: HIT
cf-cache-status: HIT
age: 832840
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8317cd63eafe1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/master.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0

46.4.244.54

200 OK

651 B

URL GET HTTP/1.1
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/master.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0
IP
46.4.244.54:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerSectigo Limited
Subject*.liiivideo.com
FingerprintBC:CC:BE:99:31:4B:F5:C7:E1:6A:4B:A2:D3:39:8A:24:AE:48:92:CB
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with very long lines (662), with no line terminators
Size
651 B (651 bytes)
Hash
226ca09f7c67e7d33aa73b26454092c2
e55835ed651c34a18b63b3763092a561f0c3ed8d
c8c814927e438e46ff4175252f1b5c4c7c59d1a41c094ba6606360d5016ee41e

HTTP Headers

GET /hls2/01/00088/n2b52dw3uezr_n/master.m3u8?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0 HTTP/1.1
Host: qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cimastream.xyz
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Wed, 06 Dec 2023 22:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 15 Mar 2024 22:00:34 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Content-Encoding: gzip

augailou.com/5/6205538

139.45.197.243

200 OK

72 kB

URL GET HTTP/2
augailou.com/5/6205538
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintE0:0C:00:44:87:43:31:19:C2:B7:27:67:A4:64:F4:85:B0:0D:D7:36
ValiditySat, 28 Oct 2023 05:47:21 GMT - Fri, 26 Jan 2024 05:47:20 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71680 bytes)
Hash
98139d7a111219afb620cecf18a28daa
a8cee4afaa316cfed4453d634275920004f30ffd
293eb896e4a48cf41e17ea03c966c9c49379354a6eaed36fa4ff5dba27f6a0a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6205538 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: application/javascript
x-trace-id: e5fdc765e9600684378824d56af2c268
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=95162b0364d442e5935353201ae6cffa; expires=Thu, 05 Dec 2024 22:00:33 GMT; path=/; secure; SameSite=None
oaidts=1701900033; expires=Thu, 05 Dec 2024 22:00:33 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

goomaphy.com/401/6219621

139.45.197.239

200 OK

89 kB

URL GET HTTP/2
goomaphy.com/401/6219621
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://mail.mycima.cc/play.php?vid=9ccd11855
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
Fingerprint76:09:CE:CA:DB:32:34:61:6D:9D:6E:FC:84:17:F2:07:82:3C:FE:73
ValidityMon, 13 Nov 2023 05:07:14 GMT - Sun, 11 Feb 2024 05:07:13 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88926 bytes)
Hash
f416916d1ce7341bbcf905314afcfb94
7e269df003845d3e677d11df647ab42e49943e15
5265ff43e45796f202fb6b3cb6aa73668734bab4f9d3a8fa67b9f6eb33d5293d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: application/javascript
x-trace-id: 94668b04464b3da8cb97d85adc5437a6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=c843e7358afe4b1bb738c9a2011c513b; expires=Thu, 05 Dec 2024 22:00:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cimastream.xyz/js/jquery.cookie.js

172.67.159.19

200 OK

990 B

URL GET HTTP/3
cimastream.xyz/js/jquery.cookie.js
IP
172.67.159.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcimastream.xyz
Fingerprint0C:8F:EC:28:25:20:D6:A5:E9:FE:A9:AD:A2:82:76:A1:A6:82:9D:72
ValidityThu, 30 Nov 2023 23:38:39 GMT - Wed, 28 Feb 2024 23:38:38 GMT

File type
ASCII text, with very long lines (994), with no line terminators
Size
990 B (990 bytes)
Hash
2af5e791a2ced283f5c0683bc8a73e23
6e7d535372bfd4a13da00e5ee913d18d7d47a023
e6cb21733bd4a2be7662f823f8c1507c2717783298b80cd703119127e88c6dd7

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: cimastream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/embed-n2b52dw3uezr.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 06 Dec 2023 22:00:33 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=4331
expires: Sun, 31 Dec 2023 01:18:26 GMT
last-modified: Tue, 31 May 2011 12:53:56 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 504156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QkePuF34Avf2%2FhFFnO%2FtYdhG6KSRW0xbojoe0wsjGiwRTriM2PSZyy%2BvXkjMcRq81AYX5xvosutAaSeCwAqT%2FCWgZtLS4vXhbXw4LrCNcAUqinR3oxNDfpw91FgYyd25w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8317cd6a5f6956bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/seg-1-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0

46.4.244.54

200 OK

2.1 MB

URL GET HTTP/1.1
qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com/hls2/01/00088/n2b52dw3uezr_n/seg-1-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0
IP
46.4.244.54:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cimastream.xyz/embed-n2b52dw3uezr.html
Certificate
IssuerSectigo Limited
Subject*.liiivideo.com
FingerprintBC:CC:BE:99:31:4B:F5:C7:E1:6A:4B:A2:D3:39:8A:24:AE:48:92:CB
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type

Size
2.1 MB (2115000 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hls2/01/00088/n2b52dw3uezr_n/seg-1-v1-a1.ts?t=7PtkxxVnqKU5mDRwFz_JvD1Sd1FVg7jolstHeLUDJYA&s=1701900033&e=43200&f=442126&i=91.90&sp=0 HTTP/1.1
Host: qfilm2rfewecvbrui743wjfvjnvjsd2ldkjof9432jfsdkjjksd8932knmkv.liiivideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cimastream.xyz
DNT: 1
Connection: keep-alive
Referer: https://cimastream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 22:00:34 GMT
Content-Type: video/MP2T
Content-Length: 2115000
Connection: keep-alive
Expires: Fri, 15 Mar 2024 22:00:34 GMT
ETag: "5f693e80-2045b8"
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (47)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash