Report - we14.mycima.cc/watch.php?vid=85007c6ef

Report Overview

Visited public
2023-08-30 19:48:30
Tags
URL
we14.mycima.cc/watch.php?vid=85007c6ef
Finishing URL
we15.mycima.cc/watch.php?vid=85007c6ef
IP / ASN
146.19.24.15
#201814 Meverywhere sp. z o.o.
Title
مشاهدة فيلم رمسيس باريس 2023 ماي سيما

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-30 06:23:23	909 B	36 kB	142.250.74.106
we14.mycima.cc	unknown	2022-06-21	2023-08-28 00:28:46	2023-08-30 14:14:02	494 B	1.1 kB	146.19.24.15
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-08-30 05:16:09	418 B	3.5 kB	69.16.175.42
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-08-30 06:02:27	423 B	743 B	139.45.195.8
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-08-30 09:09:04	898 B	27 kB	172.67.22.216
almstda.tv	unknown	unknown	No data	No data	2.1 kB	76 kB	139.45.197.245
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-08-30 06:01:26	882 B	128 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-30 06:56:34	1.6 kB	65 kB	216.58.207.227
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-08-30 06:33:26	527 B	482 B	139.45.195.254
goomaphy.com	unknown	2022-07-21	2022-07-22 21:39:03	2023-08-30 03:12:35	3.3 kB	95 kB	139.45.197.239
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-30 05:09:09	2.7 kB	5.6 kB	142.250.74.131
arglingpistole.com	unknown	2023-08-16	2023-08-29 18:12:39	2023-08-30 04:51:13	405 B	1.1 kB	142.91.159.88
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-08-30 09:09:03	399 B	18 kB	172.64.163.34
we15.mycima.cc	unknown	2022-06-21	2023-08-30 04:41:02	2023-08-30 14:14:32	32 kB	1.4 MB	146.19.24.15
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-08-30 07:34:54	432 B	34 kB	142.250.74.138
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07 17:11:00	2023-08-30 08:16:29	1.5 kB	126 kB	104.18.11.207
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-08-30 06:04:24	330 B	963 B	104.18.14.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-08-30 19:47:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:47:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:48:00	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:48:00	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:48:07	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:48:08	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-08-30 19:48:08	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-30	medium	fleraprt.com	Sinkholed
2023-08-30	medium	goomaphy.com	Sinkholed
2023-08-30	medium	goomaphy.com	Sinkholed
2023-08-30	medium	goomaphy.com	Sinkholed
2023-08-30	medium	goomaphy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js	ScriptElement	32 kB	2023-03-07	2025-06-23
Pretty URL netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-23 04:08 Times Seen3100 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	almstda.tv/5/6205538	ScriptElement	67 kB	2023-08-30	2023-08-30
Pretty URL almstda.tv/5/6205538 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-30 21:48 Last Seen2023-08-30 21:49 Times Seen2 Hash 8475ce0b333277a78461b8afaed21617 5687cd9a4789e5fd0c3bc7c8e0013f8f840f1c10 5c75aed152238a6815f43108465448ade4c2eefcb9d2c6913e8fa39e504f9fd5 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	904 B	2024-08-21	2024-08-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:44 Last Seen2024-08-21 07:44 Times Seen1 Hash 87ae171679991c1f0662d19d3fd1dd26 03b0e641b6bae6e4fe0ea4ab4d23794b58282288 5660585d2a7a421f39a949df817fc7a59c499021b6e08569b2ebe35f50d6699f Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	1.8 kB	2023-04-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 18:47 Last Seen2025-06-21 19:32 Times Seen71 Hash f48799c490867e10bf3fff06b38a3657 06d3e0bf82b5259b96e54c501ca2fb9b1f503ebf 5936461d2e0d0feabaae55dda4e14f6e68fe759a2a8ef4350b5de96be8a111ac Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	399 B	2024-08-21	2024-08-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:44 Last Seen2024-08-21 07:44 Times Seen1 Hash 967ee44bdc26bbdb2029f610a7ee2b74 1ab4b34727eb54a7dcd427f630fb42d86f9f38b8 c07cc879de345c83fe11f505c1beb9a53e6420212d564beddd48b5ae978e3ae6 Loading...

	www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c	ScriptElement	242 kB	2023-08-30	2023-08-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-30 21:48 Last Seen2023-08-30 21:48 Times Seen1 Hash 780ae5e1a560ef2e3a471870f8c5cc0e 3e245615865eadd6cdd0efbada112c2ed68f0598 dfccccbe5d0f0c3b9b7732b8e3c6314f0f8ae848975cdd0f1322722fc160f06b Loading...

	we15.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js	ScriptElement	9.8 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen60 Hash d30d39ea7362e56afcdb14c1919e36b6 3d8ad768ea89003210bea45e8aacd038bae1ecf1 a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5 Loading...

	we15.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js	ScriptElement	20 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen210 Hash f6b6e524d29d54ada53e4172b9d91cf7 427153c7a2d83d2ca800e397779f29b857801ad2 e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8 Loading...

	www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID	ScriptElement	110 kB	2023-08-30	2023-08-30
Pretty URL www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-30 21:48 Last Seen2023-08-30 21:48 Times Seen1 Hash 220c5ffc38d9bf7a55be0fa97799795a ba10309188d9b9ed313b3a6c3ee34c3cc92a5951 32c119ec78a7f83b9cce65b97b0b1f981d835fcdec8eed2b2f62b503ba554ecf Loading...

	we15.mycima.cc/js/melody.dev.js	ScriptElement	23 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/js/melody.dev.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-06-21 19:32 Times Seen137 Hash e238acf58475d3cdb95d614582134b24 b13c1da1f5254cb14f4f187bd5174ed0feb08a23 f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab Loading...

	we15.mycima.cc/templates/3arbserv/js/melody.dev.js	ScriptElement	8.0 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/melody.dev.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen60 Hash c3bde81760af5b3df4d0c56ba06a0fca ecf2f46def386ad8f62fad28edc36c8440f339cc c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	424 B	2023-03-14	2024-08-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 09:22 Last Seen2024-08-21 08:04 Times Seen26 Hash 46b256492e5a9113be7522341c978ed3 31fe4598ef6ff326b0a3ad2c24e9e1aa0f952f16 3a523495841a30353a9e39aadae46c8e687b1e82e7380b1c2259fc76ba8439fd Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	176 B	2023-08-25	2024-10-23
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 21:17 Last Seen2024-10-23 22:55 Times Seen79 Hash a604d1494e55df24ad7c62a30cc0f058 baec845d909270888dbcde8945d9ed24c8b53fba 5ed57bccec3ae6d6233648e109470a51ab1afb262a3daf1d177aaf86b8a86b19 Loading...

	we15.mycima.cc/templates/3arbserv/js/jquery.cropit.js	ScriptElement	28 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/jquery.cropit.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-06-21 19:32 Times Seen241 Hash cd82e0edbcecf087be901e8e7ed0d035 2cedce9f87501152efa36eb1949d95c0ca4ff200 b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	3.5 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:15 Last Seen2025-06-21 19:32 Times Seen120 Hash c3d5e7ae44ebf7eec435c9325b6f676f 8b6342ac0b9b097678cb23ae693917b91090b944 6dab04cf1ed42a5675ee85fc766f21ccf9386c3e61f9081987b6de3ec7e7f23b Loading...

	code.jquery.com/jquery-migrate-1.2.1.min.js	ScriptElement	7.2 kB	2023-03-07	2025-06-23
Pretty URL code.jquery.com/jquery-migrate-1.2.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-23 03:17 Times Seen5712 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	478 B	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-06-21 19:32 Times Seen102 Hash b6ec630beba5aa234f361049d0162851 40852e09b7e6202ef51b85ecf775694b703442d7 79fdb7c25e266e76ee0ff619f2487f81f0b97bed193c569362bdd39d5dc6c859 Loading...

	we15.mycima.cc/js/jquery.typewatch.js	ScriptElement	1.7 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/js/jquery.typewatch.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-06-21 19:32 Times Seen111 Hash 6915a93382a7b35f40987fd648b43f9d b78c77cc774594df414a7b1fb99c28083d85bb80 1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	190 B	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-06-21 19:32 Times Seen145 Hash 29727d13fa2a206a7cc92a101c29ab33 647b9b2f5532aaee7217e70850589ad673938fcb 42ee5f253d773ac3a83d1fc0d0f922a4c502f66dddfb591593129586c4f2725a Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	1.8 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-06-21 19:32 Times Seen138 Hash 7bc2250f798e8dd30269772ee8cf4599 3fb3ed5ea1a5c052fa3c26e45d4abd3e722b9700 cda4eff9500a8b16f33a54c6cd1ce7d2ec3bf66cecddb63d9c736078916c5035 Loading...

	tzegilo.com/stattag.js	ScriptElement	18 kB	2023-05-22	2023-09-06
Pretty URL tzegilo.com/stattag.js IP 172.64.163.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:37 Last Seen2023-09-06 23:37 Times Seen392 Hash dd2f9f2bb1e1c74b905556d0a7bc5545 0c831c8c56da8167b9e2dfd1d3eb3288348da85d 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663 Loading...

	unknown	EventHandler	0 B	0001-01-01	2025-06-23
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-23 04:17 Times Seen5077755 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	1.4 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-06-21 19:32 Times Seen85 Hash 48b383db8c4b689d51c7fe7520af1108 464dbc35d23e717068b6c71c46c7e267bf8bf3c4 e23346daaea4662b4e261ddc679f7ef3e914155a66fc2ded5802809568638553 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-06-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-23 03:48 Times Seen9157 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js	ScriptElement	3.4 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen66 Hash 081fe3d90aad9b9f11e4b1c0569530df ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed 98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	291 B	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen163 Hash 0b5c6ecfd31b214438c017f7840cab7d 5b0d464bbab33735e654f6d0b47dd2bcd47f8e5c e0d679f66eea8fae589016f89ff238618cabb4b802add68fcbf4d70498356ea1 Loading...

	goomaphy.com/401/6219621	ScriptElement	91 kB	2023-08-30	2023-08-30
Pretty URL goomaphy.com/401/6219621 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-30 21:48 Last Seen2023-08-30 21:48 Times Seen1 Hash d6754906e3fa6b499dde3daf9c275b94 d5370ec401292a59726ab1d8c989dffe7ccdde86 fa8a634e2d678529061eac6566665f96fa0c79769239dc59f82ae58eb149f2e3 Loading...

	we15.mycima.cc/js/bootstrap-notify.min.js	ScriptElement	8.2 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/js/bootstrap-notify.min.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen188 Hash 5ba070af9d1b1a2782851940de30879f d33390fc88bf68bd23eb182d7dbc77f5227081b2 a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450 Loading...

	we15.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js	ScriptElement	9.5 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen60 Hash 443045e7fcb603ba92e473b0ec11d2b2 8d9dd41c01b0f2738d6bd1a3984095570bbeb0df 8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	216 B	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen182 Hash 901d05a394689754b24c53a14ff0bb94 16e6750d0db26beda439d20147af2cdf6ee85f6c c8d34bfa528cee7507080fac65baab9a6eacb046b4c097cc3201ff3bba0d09c1 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	439 B	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen181 Hash 86a6965e541a781a37d669b260561c55 d507b1712d0947c35ca109d78453ad0706543594 d08064727885699b455486366ac7a1b6e9e298d7cb1d94d4e491088d0bb8ab94 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	5.3 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-06-21 19:32 Times Seen164 Hash 5d0f0b5b79e9f10c796e8a416e57dd2d acca3a159098bbc8a6313d6f496cfeef362c3171 452c276bbd878d6970a8f3a2b5ebea89fcc866c5aa58e5e56afcdc9c53c2b78f Loading...

	arglingpistole.com/1clkn/55455	ScriptElement	6 B	2023-03-07	2025-06-23
Pretty URL arglingpistole.com/1clkn/55455 IP 142.91.159.88 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-23 00:04 Times Seen13298 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	we15.mycima.cc/templates/3arbserv/js/theme.js	ScriptElement	45 kB	2023-03-07	2025-06-21
Pretty URL we15.mycima.cc/templates/3arbserv/js/theme.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-06-21 19:32 Times Seen56 Hash d8176b4cb2798d51558fe707c55d7fbb 2d49a0b8afb91121d20469c210566fb8d21e82d6 497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9 Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	850 B	2023-03-13	2025-06-21
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 17:01 Last Seen2025-06-21 19:32 Times Seen51 Hash c070828794e3692be0a52440af066ad7 a22ab13f7ad1693710e700a1e4af7b0b9a5d13c0 ef97c53f57f9b726c0bdc02f4fb9bb0e6e8d0e9f37f3c24d3f913abcc06ae14b Loading...

	we15.mycima.cc/watch.php?vid=85007c6ef	ScriptElement	160 B	2023-03-07	2025-03-22
Pretty URL we15.mycima.cc/watch.php?vid=85007c6ef IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-03-22 06:46 Times Seen57 Hash a33472397f886fcb3563c05e3d3b2a3e 69a1391e6eb1b5a70ebf9cd6cb75140f7d52b31f 2e05173f926dcf805c7ad1a037cd22d1c0151fe1b06d766dced7c7b0466148f8 Loading...

HTTP Transactions (91)

URL IP Response Size

GET we14.mycima.cc/watch.php?vid=85007c6ef

146.19.24.15

301 Moved Permanently

707 B

URL User Request GET HTTP/2
we14.mycima.cc/watch.php?vid=85007c6ef
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /watch.php?vid=85007c6ef HTTP/1.1
Host: we14.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 30 Aug 2023 19:48:08 GMT
server: LiteSpeed
location: https://we15.mycima.cc/watch.php?vid=85007c6ef
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/bootstrap.min.css

146.19.24.15

200 OK

18 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/bootstrap.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (65360), with CRLF line terminators
Size
18 kB (18184 bytes)
Hash
057c5534becfdb2d50350cbacfb8fa8c
aee8eea23cc9ade1f7e3de672f57a9f79e9e1516
00cce1553100d450fad1142957e5a2c793a1c5ba7877f5a119c704eb6acc1313

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:09 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 09:05:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18184
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css

146.19.24.15

200 OK

2.2 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (13803), with CRLF line terminators
Size
2.2 kB (2228 bytes)
Hash
56a224ccaaf1ad3df6ee7dbbc019aeac
2ce1ef76b342a8fafda1e03a62b99be5340812bf
777a9e5bb5d35fd671e5b252c67a0cf462baa8258db145ef6ea7dadf4de4b481

HTTP Headers

GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:09 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2016 09:46:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2228
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/echo.css

146.19.24.15

200 OK

47 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/echo.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with CRLF line terminators
Size
47 kB (46677 bytes)
Hash
ddf860f5b206570261ecc17836030729
ade9251cb8b817c9686a075a15d59f4051e02ddd
992ceb90f0e31207c443dfd7dedcbcb1a0b612d0c9fe851bc838534d035181f7

HTTP Headers

GET /templates/3arbserv/css/echo.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:09 GMT
content-type: text/css
last-modified: Fri, 25 Mar 2022 14:00:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46677
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/animate.min.css

146.19.24.15

200 OK

3.8 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/animate.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (319)
Size
3.8 kB (3849 bytes)
Hash
3d0a26b7c254da8c0d297e753ff23f65
877d0bcad6716a05066d9b6dab07e264f631a5f0
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb

HTTP Headers

GET /templates/3arbserv/css/animate.min.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:09 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 08:00:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3849
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css

146.19.24.15

200 OK

4.2 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
4.2 kB (4160 bytes)
Hash
50650996f24f8595aca871946cf4bfc7
7fa88ac85d0f97dcd3c80c62a62dca78aedf73f2
16725d7575da85e45223fc328ae010003775db250fda7bfdec9dc1e1676437a4

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:09 GMT
content-type: text/css
last-modified: Thu, 14 Apr 2016 08:16:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4160
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/social-thumb.php?vid=85007c6ef

146.19.24.15

200 OK

53 kB

URL GET HTTP/2
we15.mycima.cc/social-thumb.php?vid=85007c6ef
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 575x480, components 3\012- data
Size
53 kB (53088 bytes)
Hash
35490bb781c9666a44b338afaa69554d
6248c168f027df82100579f49764c30be6f5328f
8b863e0596126348aed33b608ec8a0ea8d9bef797313e1b39358c5a0c94b37d3

HTTP Headers

GET /social-thumb.php?vid=85007c6ef HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:09 GMT
content-length: 53088
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-migrate-1.2.1.min.js

69.16.175.42

200 OK

3.1 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7085)
Size
3.1 kB (3063 bytes)
Hash
eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:09 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1693424889.dop208.sk1.t,1693424889.cds219.sk1.hn,1693424889.cds242.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b5489fedaa045bef07cc2b5a12e49964
f2d403c637e104fafb4e35016f359d98839ce015
4120d2fcbfc6b08d5fd867b07f64a1ed1958f05e56aa56f129cf25be80766d40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b5489fedaa045bef07cc2b5a12e49964
f2d403c637e104fafb4e35016f359d98839ce015
4120d2fcbfc6b08d5fd867b07f64a1ed1958f05e56aa56f129cf25be80766d40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
30d77ba439d53432eb4cd49e08a58d05
ecd7b3265d9a76dd0ad1ea89b383087421e576fa
1ca6fe6759134514df5ff4736556144a494f23f4a2061e9e0ef6ed1979053ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

142.250.74.138

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33507 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Aug 2023 17:47:15 GMT
expires: Thu, 29 Aug 2024 17:47:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 7255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID

142.250.74.168

200 OK

43 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint4E:35:EC:AC:A4:3A:09:F9:F3:9A:26:43:94:A7:BA:2C:01:54:DA:12
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with very long lines (2271)
Size
43 kB (42762 bytes)
Hash
220c5ffc38d9bf7a55be0fa97799795a
ba10309188d9b9ed313b3a6c3ee34c3cc92a5951
32c119ec78a7f83b9cce65b97b0b1f981d835fcdec8eed2b2f62b503ba554ecf

HTTP Headers

GET /gtag/js?id=GA_MEASUREMENT_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Aug 2023 19:48:10 GMT
expires: Wed, 30 Aug 2023 19:48:10 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Aug 2023 18:06:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42762
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b5489fedaa045bef07cc2b5a12e49964
f2d403c637e104fafb4e35016f359d98839ce015
4120d2fcbfc6b08d5fd867b07f64a1ed1958f05e56aa56f129cf25be80766d40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
30d77ba439d53432eb4cd49e08a58d05
ecd7b3265d9a76dd0ad1ea89b383087421e576fa
1ca6fe6759134514df5ff4736556144a494f23f4a2061e9e0ef6ed1979053ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b5489fedaa045bef07cc2b5a12e49964
f2d403c637e104fafb4e35016f359d98839ce015
4120d2fcbfc6b08d5fd867b07f64a1ed1958f05e56aa56f129cf25be80766d40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET arglingpistole.com/1clkn/55455

142.91.159.88

200 OK

26 B

URL GET HTTP/1.1
arglingpistole.com/1clkn/55455
IP
142.91.159.88:443
ASN
#7979 SERVERS-COM

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectarglingpistole.com
Fingerprint35:EF:B1:4B:FD:22:83:BF:DB:F9:AD:73:52:80:02:1A:30:08:CC:32
ValidityWed, 16 Aug 2023 12:04:29 GMT - Tue, 14 Nov 2023 12:04:28 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/55455 HTTP/1.1
Host: arglingpistole.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Aug 2023 19:48:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Thu, 31-Aug-2023 19:48:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjAC%2FAKJi1buM2WoQuvwDRiYJgjztjP3WeLd%2FG8SilOE7CdkFSFqXJTHk1xLkFPcNOCBw%2FdyPzuv6AZnJ%2FAs8euDU6yWhYf1z9g8zfIYn9x9pN14pZoxQfw2rbu7%2B5xuHY30KQJHEUzOIypAr00fl7rHdA%3D; expires=Thu, 31-Aug-2023 19:48:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET we15.mycima.cc/templates/3arbserv/css/echo.rtl.css

146.19.24.15

200 OK

3.6 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/echo.rtl.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
3.6 kB (3601 bytes)
Hash
133de044f542e50c4a5eae2799e148ac
c028504cf9a957ca86d7f1a06371fdc085deaace
e64aa5acc7482eb1a727ee2962407ce824e6f3cb5e22ceda2f27a0dd72072743

HTTP Headers

GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:10 GMT
content-type: text/css
last-modified: Mon, 06 May 2019 06:49:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3601
date: Wed, 30 Aug 2023 19:48:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/css/custom2.css?v=2

146.19.24.15

200 OK

9.0 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/css/custom2.css?v=2
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (6169), with CRLF line terminators
Size
9.0 kB (9028 bytes)
Hash
182b715de3f603e8ba4afcbb23998151
195778efe8fbb7292c2bb88fdcf1e74eef6f3653
7b7bf629e95f70350aef2045f55c58e43871de5a1c66f01022e61ee47cefa497

HTTP Headers

GET /templates/3arbserv/css/custom2.css?v=2 HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:10 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:12:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9028
date: Wed, 30 Aug 2023 19:48:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/custom-logo.png

146.19.24.15

200 OK

1.7 kB

URL GET HTTP/2
we15.mycima.cc/uploads/custom-logo.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 261 x 80, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1695 bytes)
Hash
3e53d26a827b96ee64d9acd4e9f6ca8c
dce6ba3cd6bb744cbf18af7845d6b2b6656d93d2
7528a0ef939cd8a7234300f5f244b8603a65f252beaa4fb4d69c564ba70c01e0

HTTP Headers

GET /uploads/custom-logo.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:10 GMT
content-type: image/png
last-modified: Wed, 30 Aug 2023 06:10:45 GMT
accept-ranges: bytes
content-length: 1695
date: Wed, 30 Aug 2023 19:48:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/images.png

146.19.24.15

200 OK

5.2 kB

URL GET HTTP/2
we15.mycima.cc/images.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 348 x 145, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5175 bytes)
Hash
a766d8c1a622eaf6f8c61923eb7b2ffa
0451f3b28a9d3ba5e86db5bf84647b2695d281df
c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea

HTTP Headers

GET /images.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:10 GMT
content-type: image/png
last-modified: Sat, 29 Apr 2023 00:41:07 GMT
accept-ranges: bytes
content-length: 5175
date: Wed, 30 Aug 2023 19:48:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/avatars/avatar795-1.jpg

146.19.24.15

200 OK

4.8 kB

URL GET HTTP/2
we15.mycima.cc/uploads/avatars/avatar795-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 120x120, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
8d40b6ddc977a84433c3df9117e5e5ed
b6502d175ff51f1fa47545cbb7dda578e0197349
34d406af254166de7eaf86cd6754a1a74ea12070ed90d1b9390ed0fce2f10f0f

HTTP Headers

GET /uploads/avatars/avatar795-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:10 GMT
content-type: image/jpeg
last-modified: Sun, 13 Nov 2022 20:45:32 GMT
accept-ranges: bytes
content-length: 4805
date: Wed, 30 Aug 2023 19:48:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/85007c6ef-1.jpg

146.19.24.15

200 OK

53 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/85007c6ef-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 575x480, components 3\012- data
Size
53 kB (52889 bytes)
Hash
9dd698387e46e3350b7ac4ad6879686c
06a621d2cb2bc6d8affe6df32b6def184145fd1a
ad85d3b2b1710f144acd08870dbfe12f3c32f20fae851bc5f822699c4e673807

HTTP Headers

GET /uploads/thumbs/85007c6ef-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:11 GMT
content-type: image/jpeg
last-modified: Thu, 13 Apr 2023 03:17:24 GMT
accept-ranges: bytes
content-length: 52889
date: Wed, 30 Aug 2023 19:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/img/icon-play-32.png

146.19.24.15

200 OK

2.4 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/img/icon-play-32.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2413 bytes)
Hash
35bd95e97ff446debcc363482550378d
91c8d90e0524e5346aa4f3ae0806893db5d95959
eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75

HTTP Headers

GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/templates/3arbserv/css/echo.css
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:11 GMT
content-type: image/png
last-modified: Sat, 05 Mar 2022 10:18:44 GMT
accept-ranges: bytes
content-length: 2413
date: Wed, 30 Aug 2023 19:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.11.207

200 OK

64 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f7c3e3ce420ead735981622947150d81
cdn-cache: HIT
cf-cache-status: HIT
age: 61908
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fef8cc17b59b4f3-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a874e7aca5e7262bca0ff6966ce091d4
fa7e9f81e3c36ef6aec21dc611499c2ed6e8f60c
80d1a5734ce97908c944906f9cd57a9a124f51ab340cfe3e3c4afbd9b83af3d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Size
31 kB (31248 bytes)
Hash
436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

HTTP Headers

GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 01:36:32 GMT
expires: Wed, 28 Aug 2024 01:36:32 GMT
cache-control: public, max-age=31536000
age: 151899
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a874e7aca5e7262bca0ff6966ce091d4
fa7e9f81e3c36ef6aec21dc611499c2ed6e8f60c
80d1a5734ce97908c944906f9cd57a9a124f51ab340cfe3e3c4afbd9b83af3d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Aug 2023 19:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
3232e7eebe5eac605357ee2bbfc2b786
9b17d84e2b2875569e10bbe2dbc15ef9f8d76daf
1dfef39573e0709bb536ec2c4c936b887e122617280e7261a2cec0950befada1

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://we15.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08c41867282e4d4aac0af3f997935129; expires=Thu, 29 Aug 2024 19:48:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET we15.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1

146.19.24.15

200 OK

1.9 kB

URL GET HTTP/2
we15.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
1.9 kB (1877 bytes)
Hash
ea5b0d5698b66dcb73ae13a1dbed128c
45b47384e7aba9f11a4a10009cf004fb1f89dddf
c5d1184e8b84ba21fc5be0e9186b5ab63678a3ef4523322342b464e3f413218a

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/img/pm-avatar.png

146.19.24.15

200 OK

2.1 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/img/pm-avatar.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2135 bytes)
Hash
be7a1517b84d3548fdb863e78c72a3fe
91a88cc99f02e7ed22274fc3a6f42c6a3148ef0d
bd2021d52dbb110212c08885e0dab9580282334d6f1d1e50b8da0270ce8c475e

HTTP Headers

GET /templates/3arbserv/img/pm-avatar.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:11 GMT
content-type: image/png
last-modified: Tue, 19 Apr 2016 15:56:34 GMT
accept-ranges: bytes
content-length: 2135
date: Wed, 30 Aug 2023 19:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/avatars/default.gif

146.19.24.15

200 OK

2.3 kB

URL GET HTTP/2
we15.mycima.cc/uploads/avatars/default.gif
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
GIF image data, version 89a, 66 x 66\012- data
Size
2.3 kB (2327 bytes)
Hash
09e2544297338b84eee1c2cd0eac23d8
4c07242aef5a58da166e675443bd1808e6b1c44c
bc5b030f6f3d3d309ee03d6e75e4391dd2ec1a380390c5d33fe0ea654b5fc968

HTTP Headers

GET /uploads/avatars/default.gif HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:11 GMT
content-type: image/gif
last-modified: Sun, 11 Sep 2022 14:13:11 GMT
accept-ranges: bytes
content-length: 2327
date: Wed, 30 Aug 2023 19:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/articles/1e0efd97.jpg

146.19.24.15

200 OK

46 kB

URL GET HTTP/2
we15.mycima.cc/uploads/articles/1e0efd97.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 315x420, components 3\012- data
Size
46 kB (46481 bytes)
Hash
2096356bc2f0b260e57301b48524c636
ad80a8b8e40fbdb5b483e258d99c4afabde40f19
6688b7900e8e10aba050cc00eca55900e497b0bbfe2270954ac6d7f59b1402b0

HTTP Headers

GET /uploads/articles/1e0efd97.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:11 GMT
content-type: image/jpeg
last-modified: Thu, 13 Apr 2023 03:11:52 GMT
accept-ranges: bytes
content-length: 46481
date: Wed, 30 Aug 2023 19:48:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7e630bbd6e340fa441481ce7e4982882
85870784e18603ebc4c3b472084c132b8d4b43f5
bf17de5554d923e88344565ad4aa8430f1fc0e88c405d467a00e20f08caf2ac0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Aug 2023 19:48:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Aug 2023 15:04:25 GMT
Expires: Sun, 03 Sep 2023 15:04:24 GMT
Etag: "85870784e18603ebc4c3b472084c132b8d4b43f5"
Cache-Control: max-age=329388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7fef8cc63e71b517-OSL

POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1325
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 30 Aug 2023 19:49:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://we15.mycima.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

172.67.22.216

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:12 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 31 Aug 2023 16:35:40 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11552
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fef8cc76db1b529-OSL
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/img/ico-verified.png

146.19.24.15

200 OK

275 B

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/img/ico-verified.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
275 B (275 bytes)
Hash
28d6bbbd9cde293a6ed65f84d949a789
e3ee56e6c0a0441320fa24160a9041b99934ae6d
7d3f6ea5d72f48f26ebffbded342570e69ca63693ee18a010233a9eb194e0fed

HTTP Headers

GET /templates/3arbserv/img/ico-verified.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:12 GMT
content-type: image/png
last-modified: Tue, 19 Apr 2016 15:56:34 GMT
accept-ranges: bytes
content-length: 275
date: Wed, 30 Aug 2023 19:48:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/ab052d759-1.jpg

146.19.24.15

200 OK

27 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/ab052d759-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x378, components 3\012- data
Size
27 kB (26881 bytes)
Hash
5b8bf6395a0cf361834b3454140eb285
484bb08fa43f0d5f645c449b2adf448f1f343acb
4cbaf7991280d7d93f66ef83e404d386fb1dbf9921c46a6168f1a70d8d9571c6

HTTP Headers

GET /uploads/thumbs/ab052d759-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:12 GMT
content-type: image/jpeg
last-modified: Thu, 19 Jan 2023 00:59:49 GMT
accept-ranges: bytes
content-length: 26881
date: Wed, 30 Aug 2023 19:48:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/6f525476e-1.jpg

146.19.24.15

200 OK

32 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/6f525476e-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 801x480, components 3\012- data
Size
32 kB (31974 bytes)
Hash
e22ceeb58da7b97d2e07d1c916bf0a4f
9c4727d9cd7aa0334a45f52009149e54f3ccb9d1
7b547b9ef81d303790cb81dde2097708ea725f7b8999f83423527eefa2435c62

HTTP Headers

GET /uploads/thumbs/6f525476e-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:12 GMT
content-type: image/jpeg
last-modified: Tue, 25 Jul 2023 17:40:28 GMT
accept-ranges: bytes
content-length: 31974
date: Wed, 30 Aug 2023 19:48:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/7fac21f9d-1.jpg

146.19.24.15

200 OK

25 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/7fac21f9d-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
25 kB (24721 bytes)
Hash
52717a80b70a8b026666944d1a359599
749cd596654da1e35b0cdc987bf48255e13a6768
917fc42cbbeace2be95c3ca1507d10c2db537dadbb61fa54f4a8c62568632d31

HTTP Headers

GET /uploads/thumbs/7fac21f9d-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:12 GMT
content-type: image/jpeg
last-modified: Sun, 13 Aug 2023 21:42:23 GMT
accept-ranges: bytes
content-length: 24721
date: Wed, 30 Aug 2023 19:48:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/de481289f-1.jpg

146.19.24.15

200 OK

61 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/de481289f-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x359, components 3\012- data
Size
61 kB (60712 bytes)
Hash
4ef81f4bad11d6edd668b15d27a05179
94f2e256eecd1616203f01f77d4f3647160b6679
5b89a674d47a9f3d3c3a4de252781358a7d4ae6646f2c53767a78ac3844eb985

HTTP Headers

GET /uploads/thumbs/de481289f-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:12 GMT
content-type: image/jpeg
last-modified: Sat, 15 Jul 2023 16:57:06 GMT
accept-ranges: bytes
content-length: 60712
date: Wed, 30 Aug 2023 19:48:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/f984ce5f8-1.jpg

146.19.24.15

200 OK

27 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/f984ce5f8-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x444, components 3\012- data
Size
27 kB (26949 bytes)
Hash
cc07eccad646171ab5ac6747f4abb4eb
9875bff163150ba9f873326efa477161bde182cc
86249d3974fe0a73969eeef6481090e27a66f1bb9ffe65752ac68d160ccbc978

HTTP Headers

GET /uploads/thumbs/f984ce5f8-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:13 GMT
content-type: image/jpeg
last-modified: Wed, 11 Jan 2023 15:01:19 GMT
accept-ranges: bytes
content-length: 26949
date: Wed, 30 Aug 2023 19:48:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/90ffecf36-1.jpg

146.19.24.15

200 OK

43 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/90ffecf36-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
43 kB (43129 bytes)
Hash
c7b5023884317915728b65b54eeb03f8
3f7067948cbcb2db606c27084ab6ecc53a5c8b00
0c29f15b852a4739bb6fd3dba22b06518e686c8d52bf4cca2795d32c2b10d9f2

HTTP Headers

GET /uploads/thumbs/90ffecf36-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:13 GMT
content-type: image/jpeg
last-modified: Sat, 14 Jan 2023 15:23:26 GMT
accept-ranges: bytes
content-length: 43129
date: Wed, 30 Aug 2023 19:48:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/fb899975b-1.jpg

146.19.24.15

200 OK

42 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/fb899975b-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x496, components 3\012- data
Size
42 kB (41665 bytes)
Hash
b332c8394d1e7d2c011b279ec622a37b
2eec8713af36e99afa48245598f634177d4d03e8
09a8155c58d42c18bff992571dc28e43813e89949961a72e5e7cdc464c798965

HTTP Headers

GET /uploads/thumbs/fb899975b-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:13 GMT
content-type: image/jpeg
last-modified: Sun, 08 Jan 2023 15:59:26 GMT
accept-ranges: bytes
content-length: 41665
date: Wed, 30 Aug 2023 19:48:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/9524be56b-1.jpg

146.19.24.15

200 OK

70 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/9524be56b-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
70 kB (69525 bytes)
Hash
8674110c112c4022726daf0949a599af
a69fca5e0c494e5312be01e01ba4ceb3095ef597
3c8acddcf7f2c6d3a1610e19dc627cbb7c1c0302a3e523774494a3ac53682f40

HTTP Headers

GET /uploads/thumbs/9524be56b-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:13 GMT
content-type: image/jpeg
last-modified: Tue, 17 Jan 2023 19:03:16 GMT
accept-ranges: bytes
content-length: 69525
date: Wed, 30 Aug 2023 19:48:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/5d6e5721d-1.jpg

146.19.24.15

200 OK

79 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/5d6e5721d-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
79 kB (78727 bytes)
Hash
059df150f4ff56f56df3c9bca561c3c4
3676fd004560e0764f53d4b29a6e546e80ca5e35
e5cc9ed99023f699a3d4ebde9eb60f2f98a89b384f424265e53fad54f9b5ea72

HTTP Headers

GET /uploads/thumbs/5d6e5721d-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:13 GMT
content-type: image/jpeg
last-modified: Sat, 14 Jan 2023 15:35:26 GMT
accept-ranges: bytes
content-length: 78727
date: Wed, 30 Aug 2023 19:48:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/210d42847-1.jpg

146.19.24.15

200 OK

25 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/210d42847-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
25 kB (24935 bytes)
Hash
48310fa37f6a4cf5ca694f5badae8848
5bcfdcc9a86b31682d11e13dced00732beed4922
770a20c74887e0b24800315cf9970f9328a8c24ec5a2777cea1299195cc8b1a3

HTTP Headers

GET /uploads/thumbs/210d42847-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:14 GMT
content-type: image/jpeg
last-modified: Thu, 19 Jan 2023 13:39:59 GMT
accept-ranges: bytes
content-length: 24935
date: Wed, 30 Aug 2023 19:48:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/29568397f-1.jpg

146.19.24.15

200 OK

45 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/29568397f-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
45 kB (44551 bytes)
Hash
6d79c5bc8db651018b00aff6c1557b8c
cf5cf47386a9ec5b5cfe038000999562e754a519
bc227b3fb013fcf8621a42310f1ebfcfc5a5238f18b70a5a437e40c4860b38e3

HTTP Headers

GET /uploads/thumbs/29568397f-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:14 GMT
content-type: image/jpeg
last-modified: Mon, 16 Jan 2023 22:13:36 GMT
accept-ranges: bytes
content-length: 44551
date: Wed, 30 Aug 2023 19:48:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/3df3d769d-1.jpg

146.19.24.15

200 OK

30 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/3df3d769d-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x390, components 3\012- data
Size
30 kB (30487 bytes)
Hash
20a695a54bdf98bd825c3302227d4944
c76fff22c6dc7c56a0626490794b54b06e7ccf1a
bbcb9b0ff72af4182af4fe92b4c4c965025e0924e91c25c580a535ed2ef0d811

HTTP Headers

GET /uploads/thumbs/3df3d769d-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:14 GMT
content-type: image/jpeg
last-modified: Fri, 13 Jan 2023 03:55:15 GMT
accept-ranges: bytes
content-length: 30487
date: Wed, 30 Aug 2023 19:48:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/2c3b666e2-1.jpg

146.19.24.15

200 OK

32 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/2c3b666e2-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Size
32 kB (31571 bytes)
Hash
a1ad3d066b867ebd83544dadd3e4b730
be7a0639dfd3b2978e32ecc6baaf5ec0a39c2ac3
6159aad3e656c9b5d4839e9e6bef4b504d4467fdd13801a8b62a30d325cb181b

HTTP Headers

GET /uploads/thumbs/2c3b666e2-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:14 GMT
content-type: image/jpeg
last-modified: Fri, 24 Feb 2023 01:45:47 GMT
accept-ranges: bytes
content-length: 31571
date: Wed, 30 Aug 2023 19:48:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/b53f353ff-1.jpg

146.19.24.15

200 OK

62 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/b53f353ff-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
62 kB (61915 bytes)
Hash
238173b4049f7821912e54769dd4c4dd
762b521e783b2e321917e9ef58c1130722eda42d
69b0367a8887f707c9f1913adcc21e48b90e646e527912e5ed616a4db826e1c2

HTTP Headers

GET /uploads/thumbs/b53f353ff-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:14 GMT
content-type: image/jpeg
last-modified: Tue, 01 Aug 2023 16:49:16 GMT
accept-ranges: bytes
content-length: 61915
date: Wed, 30 Aug 2023 19:48:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/6239966df-1.jpg

146.19.24.15

200 OK

65 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/6239966df-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
65 kB (65447 bytes)
Hash
cead4fc67c7d538574feb2cfad2dd4e6
4ca857f84abbdac966a2f80200c7ed9ac3d30d99
db88d01e3c54751b0cb17edcb76011524cdf3b6ace81882946beba0730d4c286

HTTP Headers

GET /uploads/thumbs/6239966df-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:15 GMT
content-type: image/jpeg
last-modified: Wed, 08 Mar 2023 02:39:09 GMT
accept-ranges: bytes
content-length: 65447
date: Wed, 30 Aug 2023 19:48:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/bd4d99821-1.jpg

146.19.24.15

200 OK

63 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/bd4d99821-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
63 kB (62568 bytes)
Hash
8b74bdc34af5298aa84bf27549557c06
2e00bbee6f06f6ea3f0f7d1a463b43d738a9c777
f8709e5242e3d4f63e10e2cb88b51be09a5be1c7d5d188fd707339ecc2b5180e

HTTP Headers

GET /uploads/thumbs/bd4d99821-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:15 GMT
content-type: image/jpeg
last-modified: Tue, 07 Mar 2023 01:30:56 GMT
accept-ranges: bytes
content-length: 62568
date: Wed, 30 Aug 2023 19:48:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/17187aeb0-1.jpg

146.19.24.15

200 OK

29 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/17187aeb0-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
29 kB (28819 bytes)
Hash
7344629df630b21bb6fdb56fdcc3995b
a7bd417fa37b17708c06984b47aa81c4e09f16c4
69666de996e3af46dc0ca309a1cbb76bed5b6a048adaf46f5c5a93e5445b971b

HTTP Headers

GET /uploads/thumbs/17187aeb0-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:15 GMT
content-type: image/jpeg
last-modified: Wed, 11 Jan 2023 14:51:54 GMT
accept-ranges: bytes
content-length: 28819
date: Wed, 30 Aug 2023 19:48:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/51b9dbd41-1.jpg

146.19.24.15

200 OK

50 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/51b9dbd41-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x487, components 3\012- data
Size
50 kB (49558 bytes)
Hash
b374e43e4d7b84aefa2deec783b5e822
0e9d9c5c6d9ee2402bcb5b54b6955cef8d30c890
c93d3f8d624061593e67c3e5990f20fbd47ec142656a97a6ea82c4eeb46962c7

HTTP Headers

GET /uploads/thumbs/51b9dbd41-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:15 GMT
content-type: image/jpeg
last-modified: Thu, 19 Jan 2023 02:07:13 GMT
accept-ranges: bytes
content-length: 49558
date: Wed, 30 Aug 2023 19:48:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/c8c76655f-1.jpg

146.19.24.15

200 OK

56 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/c8c76655f-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
56 kB (55940 bytes)
Hash
4dd5c760e64e88c5f4bf2a71b9f4b790
d5f476ecb5b50c739e399507852b67204d4f3740
c7524b2488e281a4e8af0731902673337d4aa80d14d1d17b2b72db2e2a24d98a

HTTP Headers

GET /uploads/thumbs/c8c76655f-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:15 GMT
content-type: image/jpeg
last-modified: Tue, 17 Jan 2023 18:33:29 GMT
accept-ranges: bytes
content-length: 55940
date: Wed, 30 Aug 2023 19:48:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET goomaphy.com/impression/7oJNW0mL-tBjYMvLRZzdw2xJuxlogo9BBeih7InjEZAAlgugWN9QsC2gjCT19SOkfCqFN-MxBrcQ6rqanzr3e6PDa4XIDlJB1qQe-1x_egTEk67vHxes7jqjRW87sVekgs8yDkrGh-k-sJIvc-iFqB02Yt95v9lSJ-H0gG5660MpzstwCtPV6WCMV-nbXE0qmu0Kk6b1laATv2x1E67XQfjyndOHgKlmLtchp_oKJJ3ZbMjRtK2Eqpx3Q4VZT_NySbb0UbKNGSJssRk_2n0VDzxRCMgPLORDLr06PuTvBc-iP6ZmVqdqkqVdHqgeT2k4TSZTD1aTjNQGp9-XFR_ZAzCIB3USCb4nWyu_mAiE7lBT6Nlv4kWu2Y047mpAYbuBzz0ciffHn0L9c5mnYphU4drhrG5hkiQ475VP7q585kDf_8OM0cL16QRe-TVVcq0FKYrtGKw-AmwuI-vPB2weWOS1PtsKNL6GBDhduoR-9olfklC7_gzUlz-_z7AVVf4WbZmyMsvdmwVYKf7jscgTLHaJk4pT6CkyRywPGYpEKoyqVHPuKwcLr62AX0cdUJqgjWOUK-Kx1-ewPeS1FTrQzQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
goomaphy.com/impression/7oJNW0mL-tBjYMvLRZzdw2xJuxlogo9BBeih7InjEZAAlgugWN9QsC2gjCT19SOkfCqFN-MxBrcQ6rqanzr3e6PDa4XIDlJB1qQe-1x_egTEk67vHxes7jqjRW87sVekgs8yDkrGh-k-sJIvc-iFqB02Yt95v9lSJ-H0gG5660MpzstwCtPV6WCMV-nbXE0qmu0Kk6b1laATv2x1E67XQfjyndOHgKlmLtchp_oKJJ3ZbMjRtK2Eqpx3Q4VZT_NySbb0UbKNGSJssRk_2n0VDzxRCMgPLORDLr06PuTvBc-iP6ZmVqdqkqVdHqgeT2k4TSZTD1aTjNQGp9-XFR_ZAzCIB3USCb4nWyu_mAiE7lBT6Nlv4kWu2Y047mpAYbuBzz0ciffHn0L9c5mnYphU4drhrG5hkiQ475VP7q585kDf_8OM0cL16QRe-TVVcq0FKYrtGKw-AmwuI-vPB2weWOS1PtsKNL6GBDhduoR-9olfklC7_gzUlz-_z7AVVf4WbZmyMsvdmwVYKf7jscgTLHaJk4pT6CkyRywPGYpEKoyqVHPuKwcLr62AX0cdUJqgjWOUK-Kx1-ewPeS1FTrQzQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/7oJNW0mL-tBjYMvLRZzdw2xJuxlogo9BBeih7InjEZAAlgugWN9QsC2gjCT19SOkfCqFN-MxBrcQ6rqanzr3e6PDa4XIDlJB1qQe-1x_egTEk67vHxes7jqjRW87sVekgs8yDkrGh-k-sJIvc-iFqB02Yt95v9lSJ-H0gG5660MpzstwCtPV6WCMV-nbXE0qmu0Kk6b1laATv2x1E67XQfjyndOHgKlmLtchp_oKJJ3ZbMjRtK2Eqpx3Q4VZT_NySbb0UbKNGSJssRk_2n0VDzxRCMgPLORDLr06PuTvBc-iP6ZmVqdqkqVdHqgeT2k4TSZTD1aTjNQGp9-XFR_ZAzCIB3USCb4nWyu_mAiE7lBT6Nlv4kWu2Y047mpAYbuBzz0ciffHn0L9c5mnYphU4drhrG5hkiQ475VP7q585kDf_8OM0cL16QRe-TVVcq0FKYrtGKw-AmwuI-vPB2weWOS1PtsKNL6GBDhduoR-9olfklC7_gzUlz-_z7AVVf4WbZmyMsvdmwVYKf7jscgTLHaJk4pT6CkyRywPGYpEKoyqVHPuKwcLr62AX0cdUJqgjWOUK-Kx1-ewPeS1FTrQzQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Cookie: OAID=08c41867282e4d4aac0af3f997935129
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:16 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9dc7bfe854e56f4115fd7ffbabcbba00
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

172.67.22.216

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
172.67.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:16 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 31 Aug 2023 16:35:40 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11556
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fef8ce38c0cb529-OSL
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 10:05:24 GMT
expires: Sat, 24 Aug 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 466972
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 04:50:55 GMT
expires: Fri, 23 Aug 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 572241
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET we15.mycima.cc/uploads/thumbs/1a21537d1-1.jpg

146.19.24.15

200 OK

56 kB

URL GET HTTP/2
we15.mycima.cc/uploads/thumbs/1a21537d1-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x462, components 3\012- data
Size
56 kB (56036 bytes)
Hash
e1972c80bf62975af5ef3b5dee45f07d
448bc16f5d223a364d887de4b2320868ef49134f
207419252303975cc8f70d69374f3d34537588003469455d6c523b5a64c52ea2

HTTP Headers

GET /uploads/thumbs/1a21537d1-1.jpg HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:16 GMT
content-type: image/jpeg
last-modified: Sun, 08 Jan 2023 22:25:20 GMT
accept-ranges: bytes
content-length: 56036
date: Wed, 30 Aug 2023 19:48:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/theme.js

146.19.24.15

200 OK

14 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/theme.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators
Size
14 kB (13546 bytes)
Hash
d8176b4cb2798d51558fe707c55d7fbb
2d49a0b8afb91121d20469c210566fb8d21e82d6
497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9

HTTP Headers

GET /templates/3arbserv/js/theme.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:16 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13546
date: Wed, 30 Aug 2023 19:48:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js

146.19.24.15

200 OK

3.3 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (5325), with CRLF line terminators
Size
3.3 kB (3303 bytes)
Hash
d30d39ea7362e56afcdb14c1919e36b6
3d8ad768ea89003210bea45e8aacd038bae1ecf1
a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:16 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:42:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Wed, 30 Aug 2023 19:48:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/js/jquery.typewatch.js

146.19.24.15

200 OK

767 B

URL GET HTTP/2
we15.mycima.cc/js/jquery.typewatch.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (1440)
Size
767 B (767 bytes)
Hash
6915a93382a7b35f40987fd648b43f9d
b78c77cc774594df414a7b1fb99c28083d85bb80
1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b

HTTP Headers

GET /js/jquery.typewatch.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:16 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 767
date: Wed, 30 Aug 2023 19:48:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/js/bootstrap-notify.min.js

146.19.24.15

200 OK

2.5 kB

URL GET HTTP/2
we15.mycima.cc/js/bootstrap-notify.min.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
HTML document, ASCII text, with very long lines (595)
Size
2.5 kB (2489 bytes)
Hash
5ba070af9d1b1a2782851940de30879f
d33390fc88bf68bd23eb182d7dbc77f5227081b2
a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450

HTTP Headers

GET /js/bootstrap-notify.min.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:16 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2489
date: Wed, 30 Aug 2023 19:48:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/js/melody.dev.js

146.19.24.15

200 OK

4.0 kB

URL GET HTTP/2
we15.mycima.cc/js/melody.dev.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text
Size
4.0 kB (4004 bytes)
Hash
e238acf58475d3cdb95d614582134b24
b13c1da1f5254cb14f4f187bd5174ed0feb08a23
f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab

HTTP Headers

GET /js/melody.dev.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:17 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4004
date: Wed, 30 Aug 2023 19:48:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/melody.dev.js

146.19.24.15

200 OK

2.1 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/melody.dev.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2135 bytes)
Hash
c3bde81760af5b3df4d0c56ba06a0fca
ecf2f46def386ad8f62fad28edc36c8440f339cc
c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8

HTTP Headers

GET /templates/3arbserv/js/melody.dev.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:17 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2135
date: Wed, 30 Aug 2023 19:48:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js

146.19.24.15

200 OK

5.0 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (343)
Size
5.0 kB (4986 bytes)
Hash
f6b6e524d29d54ada53e4172b9d91cf7
427153c7a2d83d2ca800e397779f29b857801ad2
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8

HTTP Headers

GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Apr 2016 07:26:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4986
date: Wed, 30 Aug 2023 19:48:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js

146.19.24.15

200 OK

3.6 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (5838), with CRLF line terminators
Size
3.6 kB (3596 bytes)
Hash
443045e7fcb603ba92e473b0ec11d2b2
8d9dd41c01b0f2738d6bd1a3984095570bbeb0df
8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:17 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:45:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3596
date: Wed, 30 Aug 2023 19:48:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js

146.19.24.15

200 OK

1.1 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
1.1 kB (1147 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:17 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Wed, 30 Aug 2023 19:48:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jquery.cropit.js

146.19.24.15

200 OK

6.6 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jquery.cropit.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
ASCII text, with very long lines (27266)
Size
6.6 kB (6593 bytes)
Hash
cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

HTTP Headers

GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:18 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2017 13:47:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6593
date: Wed, 30 Aug 2023 19:48:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js

146.19.24.15

200 OK

1.1 kB

URL GET HTTP/2
we15.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
1.1 kB (1147 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 29 Aug 2024 19:48:18 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Wed, 30 Aug 2023 19:48:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

23 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
gzip compressed data, max compression\012- data
Size
23 kB (23105 bytes)
Hash
20b591eaac5540067370819f4a873b0b
8c677e358bf10da153d5c5ebd3b5d29e2fa4071a
4c8986ffa68fce3f1aaf60b8d7b304babdda7ee5def17ddf98b91065087f1161

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Aug 2023 19:48:16 GMT
date: Wed, 30 Aug 2023 19:48:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET we15.mycima.cc/favicons/favicon-16x16.png

146.19.24.15

200 OK

1.0 kB

URL GET HTTP/2
we15.mycima.cc/favicons/favicon-16x16.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1017 bytes)
Hash
2f9e3795889ec567bbb1124b6b1f73c8
1587f8e10111dda099a9453850224807334ec44b
c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:18 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:44:34 GMT
accept-ranges: bytes
content-length: 1017
date: Wed, 30 Aug 2023 19:48:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c

142.250.74.168

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint4E:35:EC:AC:A4:3A:09:F9:F3:9A:26:43:94:A7:BA:2C:01:54:DA:12
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with very long lines (3034)
Size
84 kB (83667 bytes)
Hash
780ae5e1a560ef2e3a471870f8c5cc0e
3e245615865eadd6cdd0efbada112c2ed68f0598
dfccccbe5d0f0c3b9b7732b8e3c6314f0f8ae848975cdd0f1322722fc160f06b

HTTP Headers

GET /gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Aug 2023 19:48:19 GMT
expires: Wed, 30 Aug 2023 19:48:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET we15.mycima.cc/include/securimage_show.php?sid=097048aa1e59e01b200f32874cc78693

146.19.24.15

200 OK

3.2 kB

URL GET HTTP/2
we15.mycima.cc/include/securimage_show.php?sid=097048aa1e59e01b200f32874cc78693
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.2 kB (3153 bytes)
Hash
5dbfaabe1841fa9caa9290e07a530110
ddaa7ceff33dc73f60c2bfcf30de49d191088922
91268d6e69171e0f72e2f94dc32feb991498736bcad92645e44381070f5197fd

HTTP Headers

GET /include/securimage_show.php?sid=097048aa1e59e01b200f32874cc78693 HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 30 Aug 2023 19:48:09GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
content-type: image/png
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/include/securimage_show.php?sid=fc5c41f018f07bae32ee6c4f88e29a9c

146.19.24.15

200 OK

2.9 kB

URL GET HTTP/2
we15.mycima.cc/include/securimage_show.php?sid=fc5c41f018f07bae32ee6c4f88e29a9c
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
2.9 kB (2930 bytes)
Hash
409af40f4fa36b591a432a6e6d034de7
8f871991dff5502203bfc5c62c32b297859e0f19
1ed5495e7b9375ca5ccb208ec923921d30a9fa1de77f3cce6b5b2f9112a6a806

HTTP Headers

GET /include/securimage_show.php?sid=fc5c41f018f07bae32ee6c4f88e29a9c HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 30 Aug 2023 19:48:09GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
content-type: image/png
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/watch.php?vid=85007c6ef

146.19.24.15

200 OK

125 kB

URL User Request GET HTTP/2
we15.mycima.cc/watch.php?vid=85007c6ef
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type

Size
125 kB (125196 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.php?vid=85007c6ef HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; path=/; secure
watched_video_list=NzM3Mw%3D%3D; expires=Thu, 31-Aug-2023 19:48:09 GMT; Max-Age=86400; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET tzegilo.com/stattag.js

172.64.163.34

200 OK

18 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.64.163.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT

File type
ASCII text, with very long lines (17479), with no line terminators
Size
18 kB (17479 bytes)
Hash
dd2f9f2bb1e1c74b905556d0a7bc5545
0c831c8c56da8167b9e2dfd1d3eb3288348da85d
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:59 GMT
etag: W/"646736cf-4447"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUt2Sy6XOMQsB6%2BKg9uLmLtqqYsU8WoObJade43bZNdAI53JF3Y%2BIbjJGC4y79s%2B42qtKp2ksEgN46VUKh84aYEcignNjqapWTI2KvbUIRCVv40KNX2xf8GE8EDsTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fef8cc48be87753-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET almstda.tv/5/6205538/?abt_opts=1&js_build=iclick-v1.594.0&userId=08c41867282e4d4aac0af3f997935129

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
almstda.tv/5/6205538/?abt_opts=1&js_build=iclick-v1.594.0&userId=08c41867282e4d4aac0af3f997935129
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectalmstda.tv
FingerprintAE:4E:66:5E:2D:DC:98:41:FA:9A:A0:80:65:3F:17:4F:9D:84:45:D0
ValidityFri, 21 Jul 2023 14:02:13 GMT - Thu, 19 Oct 2023 14:02:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2996), with no line terminators
Size
2.8 kB (2756 bytes)
Hash
f48a481ddba03f36fe60d5d340e081a2
32918400ea56484551b35c7ec729f36257b4f787
54f35412e07a1a274211590bfcc036476c0d8513a4731159519f0c83b1521b3d

HTTP Headers

GET /5/6205538/?abt_opts=1&js_build=iclick-v1.594.0&userId=08c41867282e4d4aac0af3f997935129 HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Cookie: OAID=6662a9c202c3412e9e233383453a226a; oaidts=1693424890
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/json
x-trace-id: f5ea5197091eec6b76d9782d0fe5ee9d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we15.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=08c41867282e4d4aac0af3f997935129; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
oaidts=1693424891; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 06 Sep 2023 19:48:11 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

27 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26548)
Size
27 kB (26711 bytes)
Hash
0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ce46644f14621522f2593a9762829805
cdn-cache: HIT
cf-cache-status: HIT
age: 7330241
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fef8cb9399a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET we15.mycima.cc/include/securimage_show.php?sid=a8299f5c1f8d3650cb12cce68f384450

146.19.24.15

200 OK

2.8 kB

URL GET HTTP/2
we15.mycima.cc/include/securimage_show.php?sid=a8299f5c1f8d3650cb12cce68f384450
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
2.8 kB (2834 bytes)
Hash
742b5d1c9e022c3085b02f577f85e713
c1e3ba509c8ed5b73397b4a609756487bb910b98
24164c6545f21de21aec6efc862b1490abaf710a39dbfea5c0aa1776a4c32e7c

HTTP Headers

GET /include/securimage_show.php?sid=a8299f5c1f8d3650cb12cce68f384450 HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 30 Aug 2023 19:48:09GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
content-type: image/png
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

OPTIONS goomaphy.com/500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0

139.45.197.239

200 OK

0 B

URL OPTIONS HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://we15.mycima.cc/
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://we15.mycima.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

GET we15.mycima.cc/favicons/android-icon-192x192.png

146.19.24.15

200 OK

22 kB

URL GET HTTP/2
we15.mycima.cc/favicons/android-icon-192x192.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22310 bytes)
Hash
dcf7d645053c0bb7e0edd25960004324
5951f5ffde7d819e499f69540b0d95cc39d0a8bd
ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700

HTTP Headers

GET /favicons/android-icon-192x192.png HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Fri, 29 Sep 2023 19:48:18 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:43:53 GMT
accept-ranges: bytes
content-length: 22310
date: Wed, 30 Aug 2023 19:48:18 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET we15.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1

146.19.24.15

200 OK

42 B

URL GET HTTP/2
we15.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectwebdisk.mycima.cc
Fingerprint0B:C0:D1:EC:5E:61:CB:85:8B:74:28:07:7C:D7:A0:8A:54:DD:F7:F9
ValidityWed, 30 Aug 2023 03:56:42 GMT - Tue, 28 Nov 2023 03:56:41 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: we15.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/watch.php?vid=85007c6ef
Cookie: PHPSESSID=35d62d92ce045355c4ddd3b5cf83d4c9; watched_video_list=NzM3Mw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Wed, 30 Aug 2023 19:48:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

GET almstda.tv/5/6205538

139.45.197.245

200 OK

67 kB

URL GET HTTP/2
almstda.tv/5/6205538
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectalmstda.tv
FingerprintAE:4E:66:5E:2D:DC:98:41:FA:9A:A0:80:65:3F:17:4F:9D:84:45:D0
ValidityFri, 21 Jul 2023 14:02:13 GMT - Thu, 19 Oct 2023 14:02:12 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67432 bytes)
Hash
8475ce0b333277a78461b8afaed21617
5687cd9a4789e5fd0c3bc7c8e0013f8f840f1c10
5c75aed152238a6815f43108465448ade4c2eefcb9d2c6913e8fa39e504f9fd5

HTTP Headers

GET /5/6205538 HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:10 GMT
content-type: application/javascript
x-trace-id: 1c64b31c98259a39d2e26b473678045d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6662a9c202c3412e9e233383453a226a; expires=Thu, 29 Aug 2024 19:48:10 GMT; path=/; secure; SameSite=None
oaidts=1693424890; expires=Thu, 29 Aug 2024 19:48:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

104.18.11.207

200 OK

32 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (31650)
Size
32 kB (31819 bytes)
Hash
abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

HTTP Headers

GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 30 Aug 2023 19:48:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 11/03/2021 03:23:08
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0b7e42ce5c8ad95295886cdcce8be1f4
cdn-cache: HIT
cf-cache-status: HIT
age: 19321285
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fef8cb959fe0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET goomaphy.com/401/6219621

139.45.197.239

200 OK

91 kB

URL GET HTTP/2
goomaphy.com/401/6219621
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90691 bytes)
Hash
d6754906e3fa6b499dde3daf9c275b94
d5370ec401292a59726ab1d8c989dffe7ccdde86
fa8a634e2d678529061eac6566665f96fa0c79769239dc59f82ae58eb149f2e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/javascript
x-trace-id: 2a8801927035cd7b25b00866080078a3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=bffcd8f24394402480bf576c577d3052; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET almstda.tv/?rb=yM-v-gVHhMMB1K1iUBpBu35MNhrU4o-cWKvGY0_TJ3bncm3r4dqIMkgL9NNNX8yG9xpUOKL4F8PXEH7QCIL2pFun6FeA2BxUD-NNseRJWNhpf77OmAipwXnxKXIfnRkxwt7gAMdgZxCA-QNfa3AJlcYnONYseVc25FNPYQKVROn1TZUu2XMmtfINTv_sImi9mG7c5T6KHTMtW7eWyXlsboRVF9GyhALX&request_ab2=150002&zoneid=6205538&js_build=iclick-v1.594.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.594.0&bs=9213115c-e79a-44ab-9ed7-3247195593d3&userId=08c41867282e4d4aac0af3f997935129&m=link

139.45.197.245

200 OK

2.4 kB

URL GET HTTP/2
almstda.tv/?rb=yM-v-gVHhMMB1K1iUBpBu35MNhrU4o-cWKvGY0_TJ3bncm3r4dqIMkgL9NNNX8yG9xpUOKL4F8PXEH7QCIL2pFun6FeA2BxUD-NNseRJWNhpf77OmAipwXnxKXIfnRkxwt7gAMdgZxCA-QNfa3AJlcYnONYseVc25FNPYQKVROn1TZUu2XMmtfINTv_sImi9mG7c5T6KHTMtW7eWyXlsboRVF9GyhALX&request_ab2=150002&zoneid=6205538&js_build=iclick-v1.594.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.594.0&bs=9213115c-e79a-44ab-9ed7-3247195593d3&userId=08c41867282e4d4aac0af3f997935129&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectalmstda.tv
FingerprintAE:4E:66:5E:2D:DC:98:41:FA:9A:A0:80:65:3F:17:4F:9D:84:45:D0
ValidityFri, 21 Jul 2023 14:02:13 GMT - Thu, 19 Oct 2023 14:02:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2393), with no line terminators
Size
2.4 kB (2364 bytes)
Hash
6aa419735457edddf6221dee66771ac1
86781c0b745117ca907cdab5051fb86aa01ad912
112657612a9375037d1b520d2fdfd4d2847ad5948fde3f736e42b1953224ce9e

HTTP Headers

GET /?rb=yM-v-gVHhMMB1K1iUBpBu35MNhrU4o-cWKvGY0_TJ3bncm3r4dqIMkgL9NNNX8yG9xpUOKL4F8PXEH7QCIL2pFun6FeA2BxUD-NNseRJWNhpf77OmAipwXnxKXIfnRkxwt7gAMdgZxCA-QNfa3AJlcYnONYseVc25FNPYQKVROn1TZUu2XMmtfINTv_sImi9mG7c5T6KHTMtW7eWyXlsboRVF9GyhALX&request_ab2=150002&zoneid=6205538&js_build=iclick-v1.594.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.594.0&bs=9213115c-e79a-44ab-9ed7-3247195593d3&userId=08c41867282e4d4aac0af3f997935129&m=link HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we15.mycima.cc/
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=08c41867282e4d4aac0af3f997935129; oaidts=1693424891; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/json
x-trace-id: 1ebae7baf3885aa54da1dd38932b413a
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we15.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=08c41867282e4d4aac0af3f997935129; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
oaidts=1693424891; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 06 Sep 2023 19:48:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET goomaphy.com/500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0

139.45.197.239

200 OK

1.3 kB

URL GET HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1274), with no line terminators
Size
1.3 kB (1260 bytes)
Hash
8a4aaf0e0d58c78b41676002a870eb55
b3973f5071c66f99253e7cc9448b89e7b097308b
f734e6870c872a94ce5d076350ace66957bc8680c2bd17ea7df05f0f3f17cec7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/6219621?excludes=&oaid=08c41867282e4d4aac0af3f997935129&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe15.mycima.cc%2Fwatch.php%3Fvid%3D85007c6ef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=3&sw_version=v1.291.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://we15.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Cookie: OAID=bffcd8f24394402480bf576c577d3052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 30 Aug 2023 19:48:11 GMT
content-type: application/javascript
x-trace-id: d6fdf44721c57c8d753b3b70e594ee27
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://we15.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=08c41867282e4d4aac0af3f997935129; expires=Thu, 29 Aug 2024 19:48:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://we15.mycima.cc/watch.php?vid=85007c6ef
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text
Size
12 kB (11978 bytes)
Hash
06596cfa2dee431129c328e050b9fb2a
1a991c51ab2b2da5647e83f481e7d18d60a45b3b
bf6fe0ffee1d57731da4d1cf3cfe88e1effa9b36c51a85018a91ed43b91c3de6

HTTP Headers

GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we15.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Aug 2023 19:48:10 GMT
date: Wed, 30 Aug 2023 19:48:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by