Report - wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/

Report Overview

Visited public
2024-12-05 23:42:22
Tags
URL
wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Finishing URL
wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
IP / ASN
104.21.14.103
#13335 CLOUDFLARENET
Title
مشاهدة انمي Beastars موسم 3 حلقة 1 - وى سيما wecima ماى سيما mycima

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
varcdnx9-16.erea12.shop	unknown	unknown	No data	No data	619 B	891 kB	185.40.4.54
bytogeticr.com	unknown	2022-05-19	2022-05-19	2024-12-01	473 B	1.2 kB	104.21.17.211
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-04	429 B	91 kB	104.17.24.14
unpkg.com	11693	2016-01-06	2016-01-07	2024-12-04	2.6 kB	1.5 MB	104.17.248.203
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-12-04	457 B	19 kB	188.114.97.1
wecima.tube	unknown	2023-02-02	2023-02-02	2024-11-29	1.0 kB	234 kB	188.114.96.1
gekeebsirs.com	unknown	2024-08-13	2024-08-13	2024-12-03	398 B	73 kB	188.114.96.1
greerogloo.net	unknown	2024-11-16	2024-11-16	2024-12-05	3.7 kB	19 kB	139.45.197.245
inklinkor.com	unknown	2022-04-01	2022-04-01	2024-11-28	395 B	34 kB	172.67.211.29
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10	2024-12-04	2.6 kB	1.6 MB	172.64.147.188
code.jquery.com	634	2005-12-10	2012-05-21	2024-12-04	406 B	32 kB	151.101.2.137
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-04	446 B	1.7 kB	142.250.74.74
tgb4.top15top.shop	unknown	2023-12-15	2024-02-03	2024-11-19	581 B	969 B	104.21.41.189
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-04	899 B	188 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-04	2.6 kB	62 kB	216.58.207.227
wecima.movie	unknown	2024-09-18	2024-10-16	2024-11-29	10 kB	2.0 MB	172.67.158.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-05	medium	greerogloo.net	Sinkholed
2024-12-05	medium	greerogloo.net	Sinkholed
2024-12-05	medium	greerogloo.net	Sinkholed
2024-12-05	medium	greerogloo.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	gekeebsirs.com/tag.min.js	ScriptElement	71 kB	2024-12-05	2024-12-09
Pretty URL gekeebsirs.com/tag.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 13:06 Last Seen2024-12-09 13:08 Times Seen177 Hash 2eeea61eb013dc83a41eafa1703c29b2 a50df19172681e73e3d4f561e5ce1d0b1e7009ca a11d2141877d0c5e71945d23d73045d76d56813b6664477d8c03eed853b2b64b Loading...

	unknown	ScriptElement	170 B	2024-12-05	2024-12-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:42 Last Seen2024-12-05 23:42 Times Seen1 Hash d10f552b6439aa1d3aa3b79b89cd7e8f 9bc9993af8dcbd37f85805511bb3a47e0ec2a248 b5e3bbdcd6b4ce4af38c09c48c6fd4476015aa80f385a162d4c65b6c6a2ded52 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c&gtm=45je4c40v899650979za200	ScriptElement	215 kB	2024-12-05	2024-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c&gtm=45je4c40v899650979za200 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:42 Last Seen2024-12-05 23:42 Times Seen1 Hash 10a9c51281c395d8f838d3bba062b7fa 2f50bde32a0e6786ef094a1e8c0262adf756b41c 67743a137dbddde633580e031890ef20330bd3cbb4c561adc63df8685f7173ad Loading...

	code.jquery.com/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-06-15
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-15 10:22 Times Seen113763 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/sandbox%20eval%20code		147 B	2023-04-11	2025-06-15
Pretty URL wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-15 10:30 Times Seen354240 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	Function	79 B	2023-04-11	2025-06-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-15 10:06 Times Seen114898 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/	ScriptElement	158 B	2023-03-25	2025-06-12
Pretty URL wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/ IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 21:52 Last Seen2025-06-12 17:37 Times Seen117 Hash d8df6d4045b4e1124661b5df5086c10e c17b97603a604f539a451c6d001308b0654b909c b9848daa1b8d843e20a1540f95910ea8e5190b6e22ba895ed2d1ab380f7c48d1 Loading...

	unpkg.com/videojs-flash/dist/videojs-flash.js	ScriptElement	39 kB	2023-03-07	2025-06-15
Pretty URL unpkg.com/videojs-flash/dist/videojs-flash.js IP 104.17.248.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-06-15 10:20 Times Seen188 Hash b671db9a73a06770313c1a05bcdc0b58 12280acce4192448e93e3b2ef9e1adf6c6eba94a 9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34 Loading...

	unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js	ScriptElement	717 kB	2023-03-07	2025-05-26
Pretty URL unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js IP 104.17.248.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-26 17:47 Times Seen70 Hash f4cfc74056724c22c4841e1d085e51e2 c9d7412fe37b091832074ee9c5656849e87ef41c aa938226e6eddc96da5a52d7a9aba85c6b4eed0e56ad1ca66fd8f5ee8bb0acd1 Loading...

	unknown	ScriptElement	172 B	2024-12-05	2024-12-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:42 Last Seen2024-12-05 23:42 Times Seen1 Hash c2382dab1817aa2ee0c523d37e52002c 3745b05c0e6765e2c870a762a18fd4048c7bd20a ee9409a006ba56daba7cb818172a0054ba8480d015eebc960349f416a30f6f25 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-15 10:30 Times Seen353512 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	wecima.movie/wp-content/themes/Mycima2021/js/vidjs-2.js	ScriptElement	27 kB	2023-06-08	2025-04-09
Pretty URL wecima.movie/wp-content/themes/Mycima2021/js/vidjs-2.js IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash 406de09ea0c4fcf430d7892e791d4023 791aeaa7193be874b8afd390a0283d3118e79d44 f134a2cd798e0b14125b8b625c46317eb16a70e5032ad0029bae6f0c5c087e51 Loading...

	wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1428071396&ver=6.4.3	ScriptElement	135 kB	2024-09-28	2025-06-12
Pretty URL wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1428071396&ver=6.4.3 IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 16:08 Last Seen2025-06-12 17:37 Times Seen27 Hash a8bd7b842936f3a8ddd5cdfe7b49d43b 7813b3c365438f65cae4e1bc5c1f51407d890fab 8da8f40ecf024082922df25fc51477cb33a9e06b23bfe28dd664ba89f3988693 Loading...

	wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/	ScriptElement	752 B	2024-09-28	2024-12-15
Pretty URL wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/ IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 16:08 Last Seen2024-12-15 17:49 Times Seen11 Hash 7fdfb67ef14776dece8c6b33b408d8e3 a862f579f16cd9ca726de15a68c247f7385d712d bcf0522b00c8787321494e81e897b6c42154a7244149f07fd17138866ad400da Loading...

	wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521	ScriptElement	3.9 kB	2023-06-08	2025-04-09
Pretty URL wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521 IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash bb3e4f03b87b3b3a6de5024626ff1b00 9b89fdf8178bba86940ef981524e7ff6b900c86a 2dfad1dd618978e8aaea97be4ff1d7b750b6cf8c72854c68ca4d15734e050f6f Loading...

	cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js	ScriptElement	396 kB	2023-06-08	2025-04-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen33 Hash 32803413b97579648bb6d086fde72f08 8a7d229a24879f094e80b78e417c90d07cdc4f13 8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11 Loading...

	wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/	ScriptElement	194 B	2024-11-29	2025-03-04
Pretty URL wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/ IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-29 09:32 Last Seen2025-03-04 13:52 Times Seen11 Hash 271144f763876b6ba5b66d7430bac965 a00024928c84915a58bf41433ce054bf2043ea84 511105bbd7a3e246f6d9c17a327497d98f5821dec2ecb881990f0992b4acf902 Loading...

	wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3	ScriptElement	88 kB	2023-03-07	2025-06-12
Pretty URL wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3 IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-06-12 17:37 Times Seen285 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	unknown	Function	37 B	2023-04-11	2025-06-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-15 10:06 Times Seen272087 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/	ScriptElement	193 B	2024-11-29	2025-03-04
Pretty URL wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/ IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-29 09:32 Last Seen2025-03-04 13:52 Times Seen12 Hash 7e562cbc27fef3cad030670bccbc1592 c30b096aa3cbaa7ae40ecdf7bceeb2761dcf9a7b 57bab7fbd320e7fe6f5eeb98ec182ec73967f56f4b6d02e7ff1654567a836600 Loading...

	wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521	ScriptElement	7.2 kB	2024-08-29	2025-04-01
Pretty URL wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521 IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-29 17:54 Last Seen2025-04-01 23:19 Times Seen5 Hash fab39396f155cb5fb7eb63c8f23e8c26 eab11e1995701774feed80f5db3d2427c9ac00fe 8c7d97ee28eeaf7323586d39754f4305ae4ddaa05f1bcc59eff1233cdad65224 Loading...

	wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3	ScriptElement	95 kB	2023-03-07	2025-06-12
Pretty URL wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3 IP 172.67.158.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-06-12 17:37 Times Seen136 Hash fcdee094e98d38fe380e1b5aad9bf444 d0ea8bb98673c7daa2da3af292eeea39a4f7479a ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488 Loading...

	www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3	ScriptElement	324 kB	2024-12-05	2024-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:42 Last Seen2024-12-05 23:42 Times Seen1 Hash d9e01753036891916adbc802777f030f 28c5ec2223dc646620e87f88b332cf4566e257b1 b10280fefea086070c70945488ccb75c64f24a685751357c30c42ea204590976 Loading...

HTTP Transactions (47)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3

142.250.74.168

200 OK

108 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3969)
Size
108 kB (108221 bytes)
Hash
d9e01753036891916adbc802777f030f
28c5ec2223dc646620e87f88b332cf4566e257b1
b10280fefea086070c70945488ccb75c64f24a685751357c30c42ea204590976

HTTP Headers

GET /gtag/js?id=G-6JHTFKY3P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 05 Dec 2024 23:41:54 GMT
expires: Thu, 05 Dec 2024 23:41:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 108221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8488, version 1.0
Size
8.5 kB (8488 bytes)
Hash
b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 30 Nov 2024 06:54:52 GMT
expires: Sun, 30 Nov 2025 06:54:52 GMT
cache-control: public, max-age=31536000
age: 492422
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.227

200 OK

9.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9864, version 1.0
Size
9.9 kB (9864 bytes)
Hash
9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Nov 2024 00:15:22 GMT
expires: Sat, 29 Nov 2025 00:15:22 GMT
cache-control: public, max-age=31536000
age: 602792
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10580, version 1.0
Size
11 kB (10580 bytes)
Hash
245d8f75ea8c5799e5de85a8a7bd4172
7f546a6c551e87bb224124789c11fdb2f6429479
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Dec 2024 16:47:52 GMT
expires: Thu, 04 Dec 2025 16:47:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Jul 2019 03:31:01 GMT
content-type: font/woff2
age: 111242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.227

200 OK

8.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8948, version 1.0
Size
8.9 kB (8948 bytes)
Hash
3ca4aaa12ffa2e1f165db59f857ee5b0
1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Nov 2024 19:02:38 GMT
expires: Sat, 29 Nov 2025 19:02:38 GMT
cache-control: public, max-age=31536000
age: 535156
last-modified: Tue, 16 Jul 2019 03:31:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19984, version 1.0
Size
20 kB (19984 bytes)
Hash
0db10b5d1f471ef6c3a30158ff403106
ea993e87704687d1399a3b1fd79aa84c47659c82
e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a

HTTP Headers

GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Dec 2024 09:31:27 GMT
expires: Thu, 04 Dec 2025 09:31:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Sep 2020 03:51:37 GMT
content-type: font/woff2
age: 137428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

32 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectinklinkor.com
Fingerprint52:8E:10:F1:5C:29:14:7F:FE:B6:DE:F2:0B:B2:FC:A0:8A:A8:B1:09
ValidityFri, 11 Oct 2024 22:36:07 GMT - Thu, 09 Jan 2025 22:36:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (32387 bytes)
Hash
2eeea61eb013dc83a41eafa1703c29b2
a50df19172681e73e3d4f561e5ce1d0b1e7009ca
a11d2141877d0c5e71945d23d73045d76d56813b6664477d8c03eed853b2b64b

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 21e17e6530d224119b1bf1d376d89fd9
cache-control: max-age=86400
last-modified: Thu, 05 Dec 2024 12:18:18 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 06 Dec 2024 22:27:05 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJZHgVssCPz7TmySCb0ohsNO0ukSNe9BuMxQK3N%2Bm9EycI%2BQQVa4%2Fo7nzrjGk48k101reGL8sEqZH2%2FPHlmu4arE25RQTgTR9qWF7BJ2pZkviccKT0PYDtb0X7OTBBrN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c34f321bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=573&min_rtt=480&rtt_var=192&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3204&recv_bytes=1054&delivery_rate=7192052&cwnd=254&unsent_bytes=0&cid=fd1b53d36b6af8f5&ts=31&x=0"
X-Firefox-Spdy: h2

wecima.movie/wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg

172.67.158.161

200 OK

227 kB

URL GET HTTP/3
wecima.movie/wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 853x1200, components 3
Size
227 kB (226556 bytes)
Hash
6a149e4d445c212493e5a0505f9b3ec3
669d48dd6df0655d1325b36153ff2a6427df1fc7
f3dd8a9b83a28282e4c0d414a101dd9fc151ecbd4d4d77fdd688e06cf7f8a9b1

HTTP Headers

GET /wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: image/jpeg
content-length: 226556
last-modified: Wed, 06 Jan 2021 17:31:53 GMT
etag: "5ff5f409-374fc"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6388
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKyUjJDUlkdDOQ78LVlnS6w%2BtyRuvKFolzgD9Bdg0PlISnH2nmHDOyiybYqXuMtyZXmcKW4ZqFAC6km7KdM%2FaVCT1KQUTnuv50zwmwAd7iz8%2ByTFuKM8gT4z1sRB3xA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c57937712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6518&min_rtt=1184&rtt_var=4901&sent=106&recv=24&lost=0&retrans=0&sent_bytes=105591&recv_bytes=4977&delivery_rate=36320&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0

www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c&gtm=45je4c40v899650979za200

142.250.74.168

200 OK

77 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c&gtm=45je4c40v899650979za200
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:6D:67:20:75:1C:E2:F2:C3:65:DF:AC:EA:22:D8:AD:ED:0A:08:BA
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2310)
Size
77 kB (77436 bytes)
Hash
10a9c51281c395d8f838d3bba062b7fa
2f50bde32a0e6786ef094a1e8c0262adf756b41c
67743a137dbddde633580e031890ef20330bd3cbb4c561adc63df8685f7173ad

HTTP Headers

GET /gtag/js?id=UA-128370636-1&l=dataLayer&cx=c&gtm=45je4c40v899650979za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 05 Dec 2024 23:41:55 GMT
expires: Thu, 05 Dec 2024 23:41:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 05 Dec 2024 22:58:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 77436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

wecima.movie/AjaxCenter/RightBar/

172.67.158.161

200 OK

9.5 kB

URL GET HTTP/3
wecima.movie/AjaxCenter/RightBar/
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
JSON text data
Size
9.5 kB (9496 bytes)
Hash
68570b50c45c81be9b7e4a30d1ecf51d
641c2ba5a5cc26995c9e5a04c1514d35c3ee2645
4be7501c914b339e0ff4949e5335bfe0b933d074a4009916f909f55f6da8a944

HTTP Headers

GET /AjaxCenter/RightBar/ HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: application/json
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAQc%2B0phtQjQnXneb4%2F4J%2BsouHfgH1afgg96UtCTlGDcRnB0N6hOSKwog%2BRFTflq4k%2FKzv7bk3IJC6y45qg%2FGPl%2BeHVgVwRD5Gm2paMdUV56meicZWCqc4ruPTcvcL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c47899712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7526&min_rtt=1184&rtt_var=5833&sent=95&recv=21&lost=0&retrans=0&sent_bytes=94313&recv_bytes=4458&delivery_rate=230027&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1035&x=1", cfExtPri, cfHdrFlush;dur=0

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2

172.64.147.188

200 OK

105 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104740, version 768.256
Size
105 kB (104740 bytes)
Hash
27ed7b486bfe3163c0d312b6d2aa9069
97cb3773774b591841557c859b0f1b4b1b1cde09
fb347c28258cfeeb9b0904c469d8049fcb2ad4d1bb5e4c9601e0edda3b76bb69

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: font/woff2
content-length: 104740
x-amz-id-2: f9sxFJ3Hkcb2fVHoOrLw6bhUKulEoTVpZO70bN0ds6wLBDPPl1nmbjVcLgbONXVchGke1Ath5B4=
x-amz-request-id: WQ5VRRKBPWSZ230W
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "27ed7b486bfe3163c0d312b6d2aa9069"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1030235
accept-ranges: bytes
server: cloudflare
cf-ray: 8ed7e3c69ab956ca-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2

172.64.147.188

200 OK

304 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 303544, version 768.256
Size
304 kB (303544 bytes)
Hash
78863e0f6e65fbe6175866e6d5b6f18a
8cda0fc2a701bd6dcfaa94261178fa78df1d15de
82877c6d33c5d786db4815f756437c3e853e08bf8c6c267fd246760d2a96d029

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: font/woff2
content-length: 303544
x-amz-id-2: lUpeH/o/7FejMOvVhxCAbOjcr5c6bH70h9JSjBVs4otmJJZjw+D32qicw0eflbElZtFAP1q8uNJykngl5pf5wMWcXSyvHoYCVuWGbXVVkRY=
x-amz-request-id: Q2180AYJTN9T3JQM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "78863e0f6e65fbe6175866e6d5b6f18a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 6523278
accept-ranges: bytes
server: cloudflare
cf-ray: 8ed7e3c6aabc56ca-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2

172.64.147.188

200 OK

392 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 392136, version 768.256
Size
392 kB (392136 bytes)
Hash
2cb9262f4870f225de120af23500828a
0330732496c970248a96c6df732b4b6e8407246f
d9c0c73c3e6a75d59ff20ce5e1d4bdec5ee8c6f2724ff0deb6cddb8f7f207dbe

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-light-300.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: font/woff2
content-length: 392136
x-amz-id-2: R1Kc2yZgjEXg7FSWCDd84Y9Za9OVI1lL6Vch0ceNgA3ZMRSxGkizrLCaqDKpnuKRvUo1ONJXKxE=
x-amz-request-id: Q21DYMFT5QRYF7GW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "2cb9262f4870f225de120af23500828a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 6523278
accept-ranges: bytes
server: cloudflare
cf-ray: 8ed7e3c6aaca56ca-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2

172.64.147.188

200 OK

358 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 357732, version 768.256
Size
358 kB (357732 bytes)
Hash
aca950cc283a103f77e0001fb67043b7
bf0d2965fbc75a8a23ca081c7094a95535d46ca6
d2d786476ddb1827a07bc0ac83e78cee6d262a16092b6064c166091132f09b65

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: font/woff2
content-length: 357732
x-amz-id-2: sTfJvGbmK8MCsYg48Kn85GbDSswdMNvJgf6H/aTsRlGnjgsay5HO5msOlv2he+Blz9zLj9VHKzlBGAhJTTtiYijMtyt2TbX1bWqIsLEkmMM=
x-amz-request-id: Q21DWSTY1E940268
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "aca950cc283a103f77e0001fb67043b7"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 6523278
accept-ranges: bytes
server: cloudflare
cf-ray: 8ed7e3c6aacd56ca-OSL
X-Firefox-Spdy: h2

wecima.movie/wp-content/uploads/2023/02/wecima-favicon-1.png

172.67.158.161

200 OK

5.5 kB

URL GET HTTP/3
wecima.movie/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
PNG image data, 271 x 211, 8-bit/color RGBA, non-interlaced
Size
5.5 kB (5499 bytes)
Hash
de6cab0eb34528ddc75c0bba91468367
805566b4421a52ccbc7ddea87282ce4df241f64e
ab33b59200764ca718a5f977d0eccf57c27d02560c59ba3a9b12af1819b1f7fa

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: image/png
content-length: 5499
last-modified: Mon, 13 Feb 2023 20:21:20 GMT
etag: "63ea9bc0-157b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6763
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UR6qDccwXUP8%2B2Plgogan4S86zuZbq3aASFrkWpKW4fVx%2FOoGHobJB7I5oNK7eyC0xbgw8AS4gfniNcH9Lb1YkSaNtZdZxUb3SCmT%2BVIEkE1iYrgPcaNW1zyWp9Joxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c80b3a712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10271&min_rtt=1059&rtt_var=14974&sent=324&recv=33&lost=0&retrans=1&sent_bytes=357451&recv_bytes=6302&delivery_rate=56221&cwnd=192000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1531&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js

104.17.24.14

200 OK

90 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65141)
Size
90 kB (89934 bytes)
Hash
32803413b97579648bb6d086fde72f08
8a7d229a24879f094e80b78e417c90d07cdc4f13
8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11

HTTP Headers

GET /ajax/libs/video.js/7.0.0/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 89934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0401f-6092d"
last-modified: Mon, 04 May 2020 16:17:35 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 607046
expires: Tue, 25 Nov 2025 23:41:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyeLy1sE1eiM%2FQHa8%2FW6dvoRZdAkKJQ1DfVUCA7kqM%2ByD00wKonLrHRFb%2FZ8jiUz5RDIRDJQ5Rf3A3edFJCRZTlLsG7Kf0HEwf7AWabnlCb4TYNZCUZTjCBGtw%2BLboDVYg8AcM6X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8ed7e3c9b8cd5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 05 Dec 2024 23:41:56 GMT
age: 2816791
x-served-by: cache-lga21981-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 37427
x-timer: S1733442116.196334,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic

142.250.74.74

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05
ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT

File type
gzip compressed data, max compression
Size
1.0 kB (1024 bytes)
Hash
9ed63453fc9cc2410acaba1b7a4ef683
5bfd50903e8c2d0db2f3d83b2e80e901bf247708
40a75781da7529b866178d65f56c19e2e762934c2606a5de0fb0fef5280d08d4

HTTP Headers

GET /css?family=Tajawal:500,800&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 05 Dec 2024 23:41:56 GMT
date: Thu, 05 Dec 2024 23:41:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg

188.114.96.1

301 Moved Permanently

227 kB

URL GET HTTP/3
wecima.tube/wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectwecima.tube
Fingerprint6B:42:B2:44:3A:16:0D:38:DD:05:A4:F8:28:EA:5A:9D:39:4D:5E:8C
ValidityThu, 24 Oct 2024 02:34:48 GMT - Wed, 22 Jan 2025 02:34:47 GMT

File type
data
Size
227 kB (226718 bytes)
Hash
3ddc37604bf5e13fb641c9936b061ca9
42de185b51a7a9e0114ff0bcf15e936a240ac99e
3cb67789857ddfc4f80c40fa5d1cbc1579872a091d3f3b8053ac62449aadf824

HTTP Headers

GET /wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/html
location: https://wecima.movie/wp-content/uploads/2021/01/MV5BNTc4MmE4MGYtNWIwNC00MjdkLTkxMDYtZjkyZTgzNTRkMmIxXkEyXkFqcGdeQXVyODEyMDIxNDY@._V1_UY12001402771539.jpg
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwQapFU%2B4HKvR%2FdIU9GSZ7T3l65aTXUy9h5B8fAm0BTJ9Zquj4yDKGAbPbjCxgFvhwDBDganDZiDA7iDhts2b18oDRuVxDbidSJzB78u8sQh%2FlTICo1EOw2OxNsiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3cc6e07b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4193&min_rtt=1450&rtt_var=2502&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4062&recv_bytes=1185&delivery_rate=405933&cwnd=12000&unsent_bytes=0&cid=24ae0ab0fd76737d&ts=1280&x=1", cfExtPri, cfHdrFlush;dur=0

tgb4.top15top.shop/xr30ziegp67y/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4.html?Key=LnNfbHLW_vYvD1hFai8Z4A&Expires=1733451523

104.21.41.189

302 Found

0 B

URL GET HTTP/2
tgb4.top15top.shop/xr30ziegp67y/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4.html?Key=LnNfbHLW_vYvD1hFai8Z4A&Expires=1733451523
IP
104.21.41.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjecttop15top.shop
FingerprintC5:64:60:7B:65:E4:5B:9C:86:31:AB:32:30:79:1E:CB:09:30:7F:E4
ValidityTue, 08 Oct 2024 00:31:16 GMT - Mon, 06 Jan 2025 00:31:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xr30ziegp67y/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4.html?Key=LnNfbHLW_vYvD1hFai8Z4A&Expires=1733451523 HTTP/1.1
Host: tgb4.top15top.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 05 Dec 2024 23:41:56 GMT
content-length: 0
location: https://varcdnx9-16.erea12.shop:82/d/n5rqqfysbgeyf3tkdypjt3snf3nuebcwhixlo2j5inofzavd2u5fkbhwjvle3epjtofy7g4p/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4
set-cookie: lang=english; domain=.tgb4.top15top.shop; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPfqcT7a6v%2BpxrUOhWCOyJhXpJS%2FOwykrPgJadbYiBCzrE4rFDRDpVDyqcpjUmgjnhD52ebe64PkOIMQXBatzleqLVZv9WNGhLqq2%2BJN1Rhr2MkWDZxLslmad1ZMjOADC0KTfIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3cd9fcb569d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=591&min_rtt=519&rtt_var=153&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3204&recv_bytes=1190&delivery_rate=6259365&cwnd=254&unsent_bytes=0&cid=aefeb09715502a64&ts=155&x=0"
X-Firefox-Spdy: h2

unpkg.com/@videojs/themes@1/dist/forest/index.css

104.17.248.203

302 Found

574 B

URL GET HTTP/2
unpkg.com/@videojs/themes@1/dist/forest/index.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type
ASCII text, with no line terminators
Size
574 B (574 bytes)
Hash
a0c45873abcf490e08dea28ec700a32b
59dbfe79533bbce749155f6ca998b4cc25ac4388
2cba5442f8102c3d1868e6ec2f6ea895e651e9ec7a498985d74ae7308ca5a578

HTTP Headers

GET /@videojs/themes@1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@videojs/themes@1.0.1/dist/forest/index.css
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JECK1QWSKTDPBFCFEZ9V1SYC-arn
cf-cache-status: HIT
age: 179
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3c95bfa569d-OSL
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=008129b33d4b4ff8f6c161ff72928708

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008129b33d4b4ff8f6c161ff72928708
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint8A:B7:CD:87:FA:39:07:A8:88:41:1C:9E:2D:0E:97:51:61:75:C1:34
ValidityWed, 06 Nov 2024 10:31:42 GMT - Tue, 04 Feb 2025 10:31:41 GMT

File type
JSON text data
Size
18 kB (18002 bytes)
Hash
f29b6850b601817abccf1f2e6931698a
e9389c8324fae9f088679bf4a5279b56315c0d7c
fde5a630fa596caa756e43865ed8121482324f9c2373cad953de540298570bc4

HTTP Headers

GET /gid.js?userId=008129b33d4b4ff8f6c161ff72928708 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wecima.movie
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=008129b33d4b4ff8f6c161ff72928708; expires=Fri, 05 Dec 2025 23:41:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xX6E98658t0SiznHswLwS3XgkV%2BWkNRipd%2BxV9qz6awv3oHC%2Fbeg7NPa0MqJ3m70VU1etNR9vJ9EWoVNogKmsn%2B5UqxEGygFCwJBKh17Q1DIZ4FIXMLMqxEBLkNt5j8w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c85a72712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2207&min_rtt=2174&rtt_var=384&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1102&delivery_rate=1907773&cwnd=253&unsent_bytes=0&cid=e94b23187481f879&ts=62&x=0"
X-Firefox-Spdy: h2

varcdnx9-16.erea12.shop:82/d/n5rqqfysbgeyf3tkdypjt3snf3nuebcwhixlo2j5inofzavd2u5fkbhwjvle3epjtofy7g4p/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4

185.40.4.54

206 Partial Content

891 kB

URL GET HTTP/1.1
varcdnx9-16.erea12.shop:82/d/n5rqqfysbgeyf3tkdypjt3snf3nuebcwhixlo2j5inofzavd2u5fkbhwjvle3epjtofy7g4p/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4
IP
185.40.4.54:82
ASN
#200195 Verasel, Inc.

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerLet's Encrypt
Subject*.erea12.shop
Fingerprint76:B8:25:4C:C5:1F:63:78:E1:0F:38:C3:6B:82:3A:55:D6:92:6C:06
ValidityMon, 18 Nov 2024 14:05:02 GMT - Sun, 16 Feb 2025 14:05:01 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
891 kB (890955 bytes)
Hash
9afbaaacbaa8a3de2973bfb85ef57565
90f4ceb10741d0a4ab45b6750a660dc06c8640a2
7dda65d2aee1f2b841ae9a0e41942f8832d02b2043bc9ebba50024ae942fb6ed

HTTP Headers

GET /d/n5rqqfysbgeyf3tkdypjt3snf3nuebcwhixlo2j5inofzavd2u5fkbhwjvle3epjtofy7g4p/Beastars.S03E01.720p.WEBRip.Wecima.tube.mp4 HTTP/1.1
Host: varcdnx9-16.erea12.shop:82
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 05 Dec 2024 23:16:43 GMT
Content-Type: application/octet-stream
Content-Length: 193880025
Last-Modified: Thu, 05 Dec 2024 10:15:47 GMT
Connection: close
Content-Disposition: attachment
ETag: "67517d53-b8e5fd9"
Content-Range: bytes 0-193880024/193880025

wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521

172.67.158.161

301 Moved Permanently

3.5 kB

URL GET HTTP/3
wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
3.5 kB (3532 bytes)
Hash
1b4af8bb671188cded46f36a48ce971e
101518b0ffcdfb5475e48564cc2fd85baa50aa68
ff4c8688bf1bd1580602a15917acdda12a0635816ad4d385b2156a81c6cb43e1

HTTP Headers

GET /run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521 HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/html; charset=UTF-8
location: https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
expires: Fri, 06 Dec 2024 00:18:43 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FvaflITuwG8SLjoQItjr2iLC4UYaSncZuw6clQ6aur6109HHOZaHcYGGQb47AI1JK3B4qzhnokBvG2EqVJPE01qaMfyIyd6YV5XcS6j59P%2Ba7m%2BkDZo%2FE1n6AvsYzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c4c8c7712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6735&min_rtt=1184&rtt_var=5957&sent=104&recv=22&lost=0&retrans=0&sent_bytes=104656&recv_bytes=4503&delivery_rate=268798&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1077&x=1", cfExtPri, cfHdrFlush;dur=0

wecima.movie/insights.php

172.67.158.161

200 OK

35 B

URL POST HTTP/3
wecima.movie/insights.php
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
6b652cac01878c3fd56eb6144f8ec758
2fb0dbad10a7c55b807ebc198e20ed61e8e1569f
95eff1092198a47f11a7261d5419945c9b7745f457589fc3c9f1cbac4cd5fe95

HTTP Headers

POST /insights.php HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 12
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:54 GMT
content-type: application/json
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pWXx%2F8eWO12Mi8D7RJCZgcQfJJlVBvTYn9caNG3IIJLKhTTWOfzNxqOC0bnrNuKZDzEUwsbVLojWO%2BJEj1PAYg8v6w8mJkpr%2BqxaRfKahsYaSEbduCctSSAAtD%2Fji0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c22ec0712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7800&min_rtt=1184&rtt_var=6651&sent=87&recv=16&lost=0&retrans=0&sent_bytes=89227&recv_bytes=2778&delivery_rate=10070733&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0

greerogloo.net/5/8568904/?oo=1&js_build=iclick-v1.1021.0&dmn=gekeebsirs.com&tt=2&ix=0

139.45.197.245

200 OK

4.0 kB

URL GET HTTP/2
greerogloo.net/5/8568904/?oo=1&js_build=iclick-v1.1021.0&dmn=gekeebsirs.com&tt=2&ix=0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerLet's Encrypt
Subjectgreerogloo.net
Fingerprint89:CE:B7:E4:4A:48:BF:EF:98:19:E7:8E:47:B2:75:00:47:C9:A0:C1
ValiditySat, 16 Nov 2024 16:41:45 GMT - Fri, 14 Feb 2025 16:41:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3979), with no line terminators
Size
4.0 kB (3975 bytes)
Hash
9037f0e7876f62231624c2ed33daee91
16f42f878198eab6b908071f4dee14e7c03d13ed
f082097685e5ec679fc5230625eb0e0f4903794045f77ccc0ae55310604c46f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/8568904/?oo=1&js_build=iclick-v1.1021.0&dmn=gekeebsirs.com&tt=2&ix=0 HTTP/1.1
Host: greerogloo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: application/json
x-trace-id: 4aaba54811e20f4eeda8e19aea1fc5e0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://wecima.movie
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008129b33d4b4ff8f6c161ff72928708; expires=Fri, 05 Dec 2025 23:41:55 GMT; path=/; secure; SameSite=None
oaidts=1733442115; expires=Fri, 05 Dec 2025 23:41:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

greerogloo.net/?rb=lNeZKNfJF5Oi-nasaRLRt-Lp_GYG6_BiZEyej32Hv_MALHY2pIChl1LbicVOVuli7IlnQbF3l4ZBBjJReg-AYdXaJN4WKglFEt-MRINzQu7TEGjm4rjeU5W1pugGB4LNps0GREfRURu78LO3DASOai9rnRsPSnlxfGfE9zQ80ZSNnc6-bO5Fb9cNd5ZcDBf58eKAAoP3nXrh_7ayY970BRPm8b26uc4yTgqfyaIEBqCaRA9f08-UTbvfbFNQqE_0oD9wB_GH6eH_FOdX72DCvA%3D%3D&request_ab2=0&zoneid=8568904&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=70fe57bc-37e2-4bb1-a587-616d200cd14c&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link

139.45.197.245

200 OK

2.9 kB

URL GET HTTP/2
greerogloo.net/?rb=lNeZKNfJF5Oi-nasaRLRt-Lp_GYG6_BiZEyej32Hv_MALHY2pIChl1LbicVOVuli7IlnQbF3l4ZBBjJReg-AYdXaJN4WKglFEt-MRINzQu7TEGjm4rjeU5W1pugGB4LNps0GREfRURu78LO3DASOai9rnRsPSnlxfGfE9zQ80ZSNnc6-bO5Fb9cNd5ZcDBf58eKAAoP3nXrh_7ayY970BRPm8b26uc4yTgqfyaIEBqCaRA9f08-UTbvfbFNQqE_0oD9wB_GH6eH_FOdX72DCvA%3D%3D&request_ab2=0&zoneid=8568904&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=70fe57bc-37e2-4bb1-a587-616d200cd14c&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerLet's Encrypt
Subjectgreerogloo.net
Fingerprint89:CE:B7:E4:4A:48:BF:EF:98:19:E7:8E:47:B2:75:00:47:C9:A0:C1
ValiditySat, 16 Nov 2024 16:41:45 GMT - Fri, 14 Feb 2025 16:41:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2971), with no line terminators
Size
2.9 kB (2942 bytes)
Hash
38e9b54037fe23a8c9e9d8534d33cdf4
952a1f98b7b52fef362b4e66800594a0430416b2
6c6e4b09801b6b7bd0c8c6091f121f7ca78f017fc5eccfeab88d857c6e96cbb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=lNeZKNfJF5Oi-nasaRLRt-Lp_GYG6_BiZEyej32Hv_MALHY2pIChl1LbicVOVuli7IlnQbF3l4ZBBjJReg-AYdXaJN4WKglFEt-MRINzQu7TEGjm4rjeU5W1pugGB4LNps0GREfRURu78LO3DASOai9rnRsPSnlxfGfE9zQ80ZSNnc6-bO5Fb9cNd5ZcDBf58eKAAoP3nXrh_7ayY970BRPm8b26uc4yTgqfyaIEBqCaRA9f08-UTbvfbFNQqE_0oD9wB_GH6eH_FOdX72DCvA%3D%3D&request_ab2=0&zoneid=8568904&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=70fe57bc-37e2-4bb1-a587-616d200cd14c&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link HTTP/1.1
Host: greerogloo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Cookie: OAID=008129d4542346b9f5b8b9d02de88e72; oaidts=1733442115
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/json
x-trace-id: 15b2962867c7e29c5353592aeb8f8728
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://wecima.movie
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008129b33d4b4ff8f6c161ff72928708; expires=Fri, 05 Dec 2025 23:41:56 GMT; path=/; secure; SameSite=None
oaidts=1733442116; expires=Fri, 05 Dec 2025 23:41:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 12 Dec 2024 23:41:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/css/all.css

172.64.147.188

200 OK

466 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/css/all.css
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65360)
Size
466 kB (465728 bytes)
Hash
c8ccf9786058107114b343d52efb40bc
f690727a3f4aede7f2287320db4a07874381c10c
7ef19507353beb14a0415f80892c79742e8bd5072cfafd0e8806b12baeb7ef2d

HTTP Headers

GET /releases/v6.0.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/css
x-amz-id-2: 6rd4Tm76W7rxugdRlrT+jgYl+eQawQykYtRAMG3YKtc0mobcvp99oVPCk274jjIt6/ja46B0EdR/9iafQ1N28dA3bKEEEofTgVjLmyTWeoM=
x-amz-request-id: 4RBCW07ZNRJM8HTC
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
etag: W/"c8ccf9786058107114b343d52efb40bc"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 852738
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c4cff0568b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

wecima.movie/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png

172.67.158.161

200 OK

3.5 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3533 bytes)
Hash
54110064037a44285faf10b2cbe55e87
b2677d46ed052bfda6eecbb61ee5539349f5603d
c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23header/netflix.png HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: image/png
content-length: 3533
last-modified: Sun, 22 Aug 2021 16:56:59 GMT
etag: "612281db-dcd"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4766
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFOJ46toPN7TudMFS8ZqA6ZtH01YSQqTRchEg7Rku%2F71uiPaLP3e1zDaovwW87VCx6%2Bn1WAyiNJokN%2BkX6P8FMGdSTET3bgaC26CGyiapyxdx%2FVXow6Ok%2F6YB%2BHE%2BNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c488a1712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8241&min_rtt=1184&rtt_var=5871&sent=90&recv=19&lost=0&retrans=0&sent_bytes=89964&recv_bytes=3760&delivery_rate=6978&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=970&x=1", cfExtPri, cfHdrFlush;dur=0

wecima.movie/wp-content/themes/Mycima2021/js/vidjs-2.js

172.67.158.161

200 OK

27 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/js/vidjs-2.js
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type

Size
27 kB (27283 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/js/vidjs-2.js HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115; prefetchAd_8568904=true; prefetchAd_4796941=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Jun 2023 18:43:27 GMT
etag: W/"647f7e4f-6a93"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4370
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aBkM%2BM8c2DHYBe8oQyRlSqizXpEetJUdKUzGWIydgL%2BM9TkMpJax5uZfM9OFVYwvMqLRt3ni5qrpHrHs%2BQbridji7Ebsnpvr6HxjeXPd3iZec7enBmNv0bH1NDnRAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c93cba712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9393&min_rtt=1059&rtt_var=12988&sent=332&recv=36&lost=0&retrans=1&sent_bytes=364925&recv_bytes=7461&delivery_rate=576285&cwnd=192000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1722&x=1", cfExtPri, cfHdrFlush;dur=0

unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

104.17.248.203

200 OK

4.7 kB

URL GET HTTP/2
unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type
ASCII text, with very long lines (4713), with no line terminators
Size
4.7 kB (4705 bytes)
Hash
f4eae9a8afcd9abd6c0a15a152e1bce8
9ab77953e7fe073c1e4075e3196613b9c8a06d60
0dc7cd97035d0073354825aa89d32ad41d8c0a3422226be471831cc28d8d024d

HTTP Headers

GET /@videojs/themes@1.0.1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Wed, 28 Oct 2020 04:24:35 GMT
etag: "1261-TREtap8czYudjMboZWzHkoZFOgs"
via: 1.1 fly.io
fly-request-id: 01JDDTRPXDZ56Z8DEY4JPM332B-arn
cf-cache-status: HIT
age: 1032273
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3caad1c569d-OSL
X-Firefox-Spdy: h2

172.67.158.161

200 OK

1.1 MB

URL GET HTTP/3
wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type

Size
1.1 MB (1085696 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521 HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kjskk%2B%2FaCAeJK9Tb5Adh1tLJych88MVLyAzLRp7VBah1lOCFlP8tQR3J%2BRHz%2FJ6Xm3lUOYH5WVPHbf8fC6zuOM%2Bg7wJLnuU6StYWEWYWbwOa8lnSZrmD4uZI7FLZhdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c60989712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5500&min_rtt=1184&rtt_var=3584&sent=302&recv=28&lost=0&retrans=0&sent_bytes=338522&recv_bytes=5767&delivery_rate=9144654&cwnd=192000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1279&x=1", cfExtPri, cfHdrFlush;dur=0

wecima.movie/wp-content/themes/Mycima2021/Style/fonts.css

172.67.158.161

200 OK

1.0 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/Style/fonts.css
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
ASCII text, with very long lines (1057), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
4cea7e0ed8c2d676c77f2be620a29806
e58b3c26c71935975c80a40bd2e8a5ccd8f4955c
9e6bb67fc5f5b4678f046a71bc2e452b93e7225ad235c1800ec6785543674c8c

HTTP Headers

GET /wp-content/themes/Mycima2021/Style/fonts.css HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115; prefetchAd_8568904=true; prefetchAd_4796941=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/css
last-modified: Fri, 31 Jan 2020 22:37:49 GMT
etag: W/"5e34ac3d-40b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4370
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzUv2VxGJxG4%2FwKE87rSrxCisClQR6el%2FMFCRJMbzt%2FAKXe2bLR14M5zAvAUEP1HwaWuhEzycPHioAJBOByck%2FUiiu3oCoggy%2FPkxy4yyl6weAwnKDUhjUOows%2B90zo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c92c75712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9393&min_rtt=1059&rtt_var=12988&sent=331&recv=36&lost=0&retrans=1&sent_bytes=363818&recv_bytes=7461&delivery_rate=576285&cwnd=192000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1712&x=1", cfExtPri, cfHdrFlush;dur=0

unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

104.17.248.203

200 OK

39 kB

URL GET HTTP/2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type
JavaScript source, ASCII text
Size
39 kB (39407 bytes)
Hash
b671db9a73a06770313c1a05bcdc0b58
12280acce4192448e93e3b2ef9e1adf6c6eba94a
9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34

HTTP Headers

GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01JDK6PTNVTJ5E5WW58P8XWGBK-arn
cf-cache-status: HIT
age: 851978
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3cabd24569d-OSL
X-Firefox-Spdy: h2

wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3

172.67.158.161

200 OK

88 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (88059 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.4.3 HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-157fb"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5118
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8%2ByGPRXkHXtCRufJKYoLUVGV4p66uB%2BRqPWiuEbDmNHGwVgvH9PO0pPZzpby3L%2Ba2bO5XPRYvXrVSTxvGRBUBKJ%2BQEOzO%2BiT6AG1qXg3J8osweJHaJeP9%2BURdk%2FLuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c06d67712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10243&min_rtt=1184&rtt_var=6726&sent=35&recv=12&lost=0&retrans=0&sent_bytes=28507&recv_bytes=2176&delivery_rate=10431654&cwnd=24000&unsent_bytes=0&cid=646bfdc71df57faa&ts=316&x=1", cfExtPri, cfHdrFlush;dur=0

bytogeticr.com/split_track?action=check_overlay&dlShown=false&zone=8568904

104.21.17.211

200 OK

0 B

URL GET HTTP/2
bytogeticr.com/split_track?action=check_overlay&dlShown=false&zone=8568904
IP
104.21.17.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectbytogeticr.com
Fingerprint00:D2:2D:27:94:3B:34:18:82:85:D1:2C:95:DE:B0:31:7B:D1:B6:4F
ValidityFri, 29 Nov 2024 09:58:38 GMT - Thu, 27 Feb 2025 09:58:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /split_track?action=check_overlay&dlShown=false&zone=8568904 HTTP/1.1
Host: bytogeticr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZMHH8lccdH86tZBNupjCT6QbvPrsH3RiOP2xdheVpsTbu8ONcMDdK2U%2B1XwoR4Phxdtk8ED4eFx1oEb4iGgj7wqrT83r5bfhdPFXZnfZ%2FHlqTTC7NIM%2BFyc%2BbRhqQGcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3c59984568e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6476&min_rtt=492&rtt_var=11608&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1111&delivery_rate=7300840&cwnd=254&unsent_bytes=0&cid=1635a27b28f07180&ts=80&x=0"
X-Firefox-Spdy: h2

wecima.movie/wp-content/themes/Mycima2021/Style/Font/Ionicons/ionicons.min.css

172.67.158.161

200 OK

45 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/Style/Font/Ionicons/ionicons.min.css
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type

Size
45 kB (44637 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/Style/Font/Ionicons/ionicons.min.css HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/wp-content/themes/Mycima2021/Style/fonts.css
Cookie: _ga_6JHTFKY3P3=GS1.1.1733442115.1.0.1733442115.0.0.0; _ga=GA1.1.661441047.1733442115; prefetchAd_8568904=true; prefetchAd_4796941=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/css
last-modified: Mon, 13 Apr 2020 00:29:44 GMT
etag: W/"5e93b278-ae5d"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4370
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwctpA%2FYgOqLLox4f2kTfBcNhEMHXKI2ROFT2Wg6k8svoYWH1dFdK2J7WXyBQ35hpiiasqNze9d6MJABiJQNMad53hClW%2FbSNjDQFSrNLMAnvVfV3d4QHfX%2FgbDSXE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3ca2d9f712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7898&min_rtt=1059&rtt_var=9916&sent=342&recv=39&lost=0&retrans=1&sent_bytes=374819&recv_bytes=7982&delivery_rate=408238&cwnd=192000&unsent_bytes=0&cid=646bfdc71df57faa&ts=1873&x=1", cfExtPri, cfHdrFlush;dur=0

wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/

172.67.158.161

200 OK

295 kB

URL User Request GET HTTP/2
wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type

Size
295 kB (295282 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/ HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:54 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQjB4BvH%2BmsUqSL2%2FMjTxs9Qsz1E6WEWcR7qOremf6bTgRfv0ZfHQ7htpkD7geJRrr1vi8t9UxRDBQPRUIUlkYlHrao85aJ8a5ap3WuRd8j1xJEoIo9irjLSc2O67B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ed7e3be0d22b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6149&min_rtt=419&rtt_var=11446&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3279&recv_bytes=1340&delivery_rate=6950400&cwnd=254&unsent_bytes=0&cid=3f82f75619bfbefb&ts=96&x=0"
X-Firefox-Spdy: h2

gekeebsirs.com/tag.min.js

188.114.96.1

200 OK

71 kB

URL GET HTTP/2
gekeebsirs.com/tag.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectgekeebsirs.com
FingerprintE5:18:7A:22:4A:61:36:AC:67:09:0A:86:CA:D5:56:80:33:97:DD:43
ValidityFri, 11 Oct 2024 13:57:40 GMT - Thu, 09 Jan 2025 13:57:39 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
71 kB (71412 bytes)
Hash
2eeea61eb013dc83a41eafa1703c29b2
a50df19172681e73e3d4f561e5ce1d0b1e7009ca
a11d2141877d0c5e71945d23d73045d76d56813b6664477d8c03eed853b2b64b

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: gekeebsirs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: a323b0f30d19bdfd789b8139cfa1919f
cache-control: max-age=86400
last-modified: Thu, 05 Dec 2024 12:21:52 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 06 Dec 2024 12:25:24 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 40591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVgvQRrMKCONMOcwaQuyMTNHh9GxEzo5WuwQNY5HaVphGMsO98KrLh1ljhPbEeFsK%2BsmfrU2LzdrphLQ8HfyEKp8DCFQubQPzhmcgiBqCaawjU9iZfNfIbKat3oKwlnGbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c33b8c56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=501&min_rtt=446&rtt_var=162&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1054&delivery_rate=8211720&cwnd=253&unsent_bytes=0&cid=26c8b217e4048eec&ts=42&x=0"
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.96.1

301 Moved Permanently

5.5 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.tube
Fingerprint6B:42:B2:44:3A:16:0D:38:DD:05:A4:F8:28:EA:5A:9D:39:4D:5E:8C
ValidityThu, 24 Oct 2024 02:34:48 GMT - Wed, 22 Jan 2025 02:34:47 GMT

File type

Size
5.5 kB (5499 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: text/html
location: https://wecima.movie/wp-content/uploads/2023/02/wecima-favicon-1.png
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52fYJSjUzi5EWBjypHYtG%2FUO5%2Fan8mhkjIn54yBtuYi3yoOdPZSv5njcPQC4wY5S%2FMFVXhSezVgr1MKMAGXLP4KQAxmwpX16aSYLkPAj0wLuvKqdUq7QZhTX07Y7Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c4495db51e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=502&min_rtt=436&rtt_var=138&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1218&delivery_rate=7688495&cwnd=254&unsent_bytes=0&cid=1b6fac9ac3123ce7&ts=29&x=0"
X-Firefox-Spdy: h2

greerogloo.net/5/4796941/?oo=1&js_build=iclick-v1.1021.0&dmn=inklinkor.com&tt=2&ix=0

139.45.197.245

200 OK

4.2 kB

URL GET HTTP/2
greerogloo.net/5/4796941/?oo=1&js_build=iclick-v1.1021.0&dmn=inklinkor.com&tt=2&ix=0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerLet's Encrypt
Subjectgreerogloo.net
Fingerprint89:CE:B7:E4:4A:48:BF:EF:98:19:E7:8E:47:B2:75:00:47:C9:A0:C1
ValiditySat, 16 Nov 2024 16:41:45 GMT - Fri, 14 Feb 2025 16:41:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4187), with no line terminators
Size
4.2 kB (4183 bytes)
Hash
af74ec4c1b8646e8ec74398c6dad1a06
a01e07b76911e98ddd26f451d10f6e51681842a6
ff8cfe3ffe40e3b46875e626e1bc7428e7df4d2d3abb7eb76642769d0867bd3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/4796941/?oo=1&js_build=iclick-v1.1021.0&dmn=inklinkor.com&tt=2&ix=0 HTTP/1.1
Host: greerogloo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 05 Dec 2024 23:41:55 GMT
content-type: application/json
x-trace-id: 61842b9bccfeb3d308eb4d313bb94f17
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://wecima.movie
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008129d4542346b9f5b8b9d02de88e72; expires=Fri, 05 Dec 2025 23:41:55 GMT; path=/; secure; SameSite=None
oaidts=1733442115; expires=Fri, 05 Dec 2025 23:41:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

greerogloo.net/?rb=oK3H79n_TQNnN12QpScuLQQM-ykLplHRAZnjBzQaBy7T6DiRf6Ls_kv8mpWs-9MxXXqBgakO6Yn3Y-1j7qYy0KyTIR--69gmQHo1Ig_ovjIuojS7AzRjpZuzGYZPBBnKnc8PNY-25hOqBh7tF2Z1mojvc-UDPNCJcfIVkAkTCWlOdtSvK0xKWakaug-xBDUNkuFHhC89F86EMrMq5M14k3U2RbtmVc39FH_1XwtrIskVuhuqcKbQYNGkowr7GX1Io2116AVrsowI9aQ3GUOdlw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=4a83e6e8-42f1-46a2-b619-16c6ec4ee763&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link

139.45.197.245

200 OK

2.4 kB

URL GET HTTP/2
greerogloo.net/?rb=oK3H79n_TQNnN12QpScuLQQM-ykLplHRAZnjBzQaBy7T6DiRf6Ls_kv8mpWs-9MxXXqBgakO6Yn3Y-1j7qYy0KyTIR--69gmQHo1Ig_ovjIuojS7AzRjpZuzGYZPBBnKnc8PNY-25hOqBh7tF2Z1mojvc-UDPNCJcfIVkAkTCWlOdtSvK0xKWakaug-xBDUNkuFHhC89F86EMrMq5M14k3U2RbtmVc39FH_1XwtrIskVuhuqcKbQYNGkowr7GX1Io2116AVrsowI9aQ3GUOdlw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=4a83e6e8-42f1-46a2-b619-16c6ec4ee763&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerLet's Encrypt
Subjectgreerogloo.net
Fingerprint89:CE:B7:E4:4A:48:BF:EF:98:19:E7:8E:47:B2:75:00:47:C9:A0:C1
ValiditySat, 16 Nov 2024 16:41:45 GMT - Fri, 14 Feb 2025 16:41:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2452), with no line terminators
Size
2.4 kB (2433 bytes)
Hash
a31f8fea3ca946d810436c6b70f094c0
9cbb1ffde35b491824f6d6d4dd47ac9f44f70771
4c046be984f8cd0adb21af5eac2987c5e24df8e5eb55cfec25e9b0abf8447cc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=oK3H79n_TQNnN12QpScuLQQM-ykLplHRAZnjBzQaBy7T6DiRf6Ls_kv8mpWs-9MxXXqBgakO6Yn3Y-1j7qYy0KyTIR--69gmQHo1Ig_ovjIuojS7AzRjpZuzGYZPBBnKnc8PNY-25hOqBh7tF2Z1mojvc-UDPNCJcfIVkAkTCWlOdtSvK0xKWakaug-xBDUNkuFHhC89F86EMrMq5M14k3U2RbtmVc39FH_1XwtrIskVuhuqcKbQYNGkowr7GX1Io2116AVrsowI9aQ3GUOdlw%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fwecima.movie%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D8%25A7%25D9%2586%25D9%2585%25D9%258A-beastars-%25D9%2585%25D9%2588%25D8%25B3%25D9%2585-3-%25D8%25AD%25D9%2584%25D9%2582%25D8%25A9-1%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=2&wgl=&js_build=iclick-v1.1021.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=4a83e6e8-42f1-46a2-b619-16c6ec4ee763&wasm=1&userId=008129b33d4b4ff8f6c161ff72928708&m=link HTTP/1.1
Host: greerogloo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
Origin: https://wecima.movie
DNT: 1
Connection: keep-alive
Cookie: OAID=008129d4542346b9f5b8b9d02de88e72; oaidts=1733442115
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/json
x-trace-id: 497002d69087a421be223e370d5ada7d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://wecima.movie
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008129b33d4b4ff8f6c161ff72928708; expires=Fri, 05 Dec 2025 23:41:56 GMT; path=/; secure; SameSite=None
oaidts=1733442116; expires=Fri, 05 Dec 2025 23:41:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 12 Dec 2024 23:41:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3

172.67.158.161

200 OK

95 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (95124 bytes)
Hash
fcdee094e98d38fe380e1b5aad9bf444
d0ea8bb98673c7daa2da3af292eeea39a4f7479a
ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.4.3 HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-17394"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5118
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZfe1Li1%2FpULDCD%2B9DHfonk5vJdIZFctXJfZ%2FH0bvSeNv9Pd4TiSpxD40Eng4OODjLkuFhT6PTRtfHm0dR3stq5rHNQKtq4hG23A6kdzAyE5RehZfHTPuqnjWkQfrDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c06d69712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11778&min_rtt=5001&rtt_var=6715&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4146&recv_bytes=2090&delivery_rate=117754&cwnd=12000&unsent_bytes=0&cid=646bfdc71df57faa&ts=309&x=1", cfExtPri, cfHdrFlush;dur=0

unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

104.17.248.203

200 OK

717 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type

Size
717 kB (717184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wecima.movie/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
via: 1.1 fly.io
fly-request-id: 01JB084H2T0A159S15R2X65AX1-ams
cf-cache-status: HIT
age: 3635500
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3cabd25569d-OSL
X-Firefox-Spdy: h2

unpkg.com/videojs-flash/dist/videojs-flash.js

104.17.248.203

302 Found

39 kB

URL GET HTTP/2
unpkg.com/videojs-flash/dist/videojs-flash.js
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type

Size
39 kB (39407 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JECJV7P6F4YD3PCFNWF5TBDM-arn
cf-cache-status: HIT
age: 392
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3c98c21569d-OSL
X-Firefox-Spdy: h2

wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1428071396&ver=6.4.3

172.67.158.161

200 OK

135 kB

URL GET HTTP/3
wecima.movie/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1428071396&ver=6.4.3
IP
172.67.158.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Certificate
IssuerGoogle Trust Services
Subjectwecima.movie
Fingerprint31:FF:8D:26:E2:AA:CC:32:27:AC:85:62:83:DB:89:29:82:3A:23:2A
ValiditySat, 16 Nov 2024 14:58:51 GMT - Fri, 14 Feb 2025 14:58:50 GMT

File type

Size
135 kB (134877 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1428071396&ver=6.4.3 HTTP/1.1
Host: wecima.movie
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D8%A7%D9%86%D9%85%D9%8A-beastars-%D9%85%D9%88%D8%B3%D9%85-3-%D8%AD%D9%84%D9%82%D8%A9-1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 05 Dec 2024 23:41:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Sep 2024 13:17:41 GMT
etag: W/"66f018f5-20edd"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bqaozCKhOZTT8jwFIarc%2FFkYCz1SJQlbaKnk8XnTIdBjEna7zayCinECZtGYjW1o0FFae8T5DHifxg%2BZoAIHKvurC3pNv3fZVQ8qYLOXwf0tPgQ3oC3moELZaW3L1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ed7e3c06d6a712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8642&min_rtt=1184&rtt_var=6621&sent=62&recv=14&lost=0&retrans=0&sent_bytes=60631&recv_bytes=2262&delivery_rate=2982969&cwnd=48000&unsent_bytes=0&cid=646bfdc71df57faa&ts=410&x=1", cfExtPri, cfHdrFlush;dur=0

unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js

104.17.248.203

302 Found

717 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
IP
104.17.248.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wecima.movie/run/6f5977236a53fd22733188c7de6028c335fd95d81fd031173dae901fbadd2c8fc24358686828c2b972b0d53b682c877edf9513a5e3d1de59ca4b1ee627e4b6d119aa6c5a819f039137baa853cd4450fd5b0ce3d74e7e6cea896632da73e5e61d1b5490/?Key=BerzlDW5m1RD8DjMc9T-MA&Expires=1733451521
Certificate
IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint55:F7:12:1C:45:DD:C3:DF:92:D5:D7:DB:17:9D:F2:78:B2:CF:FF:E1
ValiditySat, 23 Nov 2024 09:43:46 GMT - Fri, 21 Feb 2025 09:43:45 GMT

File type

Size
717 kB (717184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wecima.movie/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 05 Dec 2024 23:41:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JECK4T642FWMD2DCP86C2B1W-arn
cf-cache-status: HIT
age: 78
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ed7e3c98c26569d-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash