Report - we20.mycima.cc/watch.php?vid=ac5bcf622

Report Overview

Visited public
2023-09-17 12:48:22
Tags
URL
we20.mycima.cc/watch.php?vid=ac5bcf622
Finishing URL
we20.mycima.cc/watch.php?vid=ac5bcf622
IP / ASN
146.19.24.15
#201814 Meverywhere sp. z o.o.
Title
مشاهدة فيلم شوجر دادي 2023 ماي سيما

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
we20.mycima.cc	unknown	2022-06-21	2023-09-17 00:01:10	2023-09-17 14:47:55	30 kB	1.3 MB	146.19.24.15
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-16 18:14:54	418 B	3.6 kB	151.101.194.137
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-16 22:00:45	432 B	34 kB	142.250.74.106
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-16 21:00:49	330 B	963 B	104.18.14.101
arglingpistole.com	unknown	2023-08-16	2023-08-29 18:12:39	2023-09-05 05:20:03	405 B	1.1 kB	23.109.82.181
augailou.com	unknown	2022-12-12	2022-12-12 14:30:37	2023-09-15 18:39:38	2.1 kB	34 kB	139.45.197.243
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07 17:11:00	2023-09-16 18:52:47	1.5 kB	134 kB	104.18.11.207
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-09-16 14:39:20	397 B	8.2 kB	104.21.6.68
goomaphy.com	unknown	2022-07-21	2022-07-22 21:39:03	2023-09-16 15:03:56	3.3 kB	41 kB	139.45.197.239
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-09-16 18:33:00	423 B	743 B	139.45.195.8
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-16 21:38:01	909 B	30 kB	142.250.74.106
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-16 18:12:02	1.7 kB	3.5 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-16 21:55:53	882 B	131 kB	142.250.74.168
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-09-16 15:03:57	898 B	27 kB	104.22.33.172
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-16 19:42:01	1.6 kB	65 kB	216.58.207.227
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-09-16 14:39:21	529 B	484 B	139.45.195.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-17 12:48:01	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:01	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:01	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:02	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:03	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:04	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-09-17 12:48:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-17	medium	augailou.com	Sinkholed
2023-09-17	medium	goomaphy.com	Sinkholed
2023-09-17	medium	goomaphy.com	Sinkholed
2023-09-17	medium	fleraprt.com	Sinkholed
2023-09-17	medium	goomaphy.com	Sinkholed
2023-09-17	medium	goomaphy.com	Sinkholed
2023-09-17	medium	augailou.com	Sinkholed
2023-09-17	medium	augailou.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 14:40 Times Seen8620 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	we20.mycima.cc/templates/3arbserv/js/theme.js	ScriptElement	45 kB	2023-03-07	2025-04-25
Pretty URL we20.mycima.cc/templates/3arbserv/js/theme.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen51 Hash d8176b4cb2798d51558fe707c55d7fbb 2d49a0b8afb91121d20469c210566fb8d21e82d6 497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9 Loading...

	we20.mycima.cc/js/jquery.typewatch.js	ScriptElement	1.7 kB	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/js/jquery.typewatch.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-27 09:08 Times Seen104 Hash 6915a93382a7b35f40987fd648b43f9d b78c77cc774594df414a7b1fb99c28083d85bb80 1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b Loading...

	we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js	ScriptElement	9.5 kB	2023-03-07	2025-04-25
Pretty URL we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash 443045e7fcb603ba92e473b0ec11d2b2 8d9dd41c01b0f2738d6bd1a3984095570bbeb0df 8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702 Loading...

	we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js	ScriptElement	28 kB	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-05-27 09:08 Times Seen233 Hash cd82e0edbcecf087be901e8e7ed0d035 2cedce9f87501152efa36eb1949d95c0ca4ff200 b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	888 B	2024-08-21	2024-08-21
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:34 Last Seen2024-08-21 06:34 Times Seen1 Hash 0b58f45ad29e5fad71020f7b6e157489 effda5d7e60fc8db5bde234db166992d8424bf96 3a4f604763caf0b9ea847d2dcfc8fb6b0da0a2fc6d5f436fd067de546232dc9e Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	1.8 kB	2023-04-07	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 18:47 Last Seen2025-05-22 03:32 Times Seen70 Hash f48799c490867e10bf3fff06b38a3657 06d3e0bf82b5259b96e54c501ca2fb9b1f503ebf 5936461d2e0d0feabaae55dda4e14f6e68fe759a2a8ef4350b5de96be8a111ac Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	461 B	2024-08-21	2024-08-21
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:34 Last Seen2024-08-21 06:34 Times Seen1 Hash e4a3c8ff7bc5acc7b1b88658af30108f b243162ed05c5285ee0ff356f2c37de89f4f44a0 c554cf73eed1a4580d5c964d3e51c61bf61a5a5aacf5140c3a6f222b080736df Loading...

	code.jquery.com/jquery-migrate-1.2.1.min.js	ScriptElement	7.2 kB	2023-03-07	2025-05-27
Pretty URL code.jquery.com/jquery-migrate-1.2.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-27 15:05 Times Seen5050 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js	ScriptElement	32 kB	2023-03-07	2025-05-27
Pretty URL netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-27 15:24 Times Seen2988 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	augailou.com/5/6205538	ScriptElement	68 kB	2023-09-16	2024-08-21
Pretty URL augailou.com/5/6205538 IP 139.45.197.243 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 19:32 Last Seen2024-08-21 06:41 Times Seen2 Hash 59a0363840fd7e748322c25299c3e3d3 5b39d1e1fdfdf3131ea7680f7fbd08034bc2f7ea 9a873ffbd5adcccfff63be652c65ee2d00a05f9499dc4095cc0457db5e307c61 Loading...

	goomaphy.com/401/6219621	ScriptElement	91 kB	2024-08-21	2024-08-21
Pretty URL goomaphy.com/401/6219621 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 06:34 Last Seen2024-08-21 06:34 Times Seen1 Hash 039aa7f60e6e92a4b7862aeb6d22dc57 e60c305b1f788f302ed0e8c5e0731fb66429fb91 5a0b897bac0753ec3fd280a6c90c4d59cab8e1a2cf034b5df789f0e83423ac95 Loading...

	unknown	EventHandler	0 B	0001-01-01	2025-05-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-27 19:00 Times Seen4771263 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	we20.mycima.cc/js/bootstrap-notify.min.js	ScriptElement	8.2 kB	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/js/bootstrap-notify.min.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen182 Hash 5ba070af9d1b1a2782851940de30879f d33390fc88bf68bd23eb182d7dbc77f5227081b2 a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	424 B	2023-03-14	2024-08-21
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 09:22 Last Seen2024-08-21 08:04 Times Seen26 Hash 46b256492e5a9113be7522341c978ed3 31fe4598ef6ff326b0a3ad2c24e9e1aa0f952f16 3a523495841a30353a9e39aadae46c8e687b1e82e7380b1c2259fc76ba8439fd Loading...

	we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js	ScriptElement	20 kB	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen203 Hash f6b6e524d29d54ada53e4172b9d91cf7 427153c7a2d83d2ca800e397779f29b857801ad2 e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8 Loading...

	we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js	ScriptElement	3.4 kB	2023-03-07	2025-04-25
Pretty URL we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen61 Hash 081fe3d90aad9b9f11e4b1c0569530df ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed 98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	176 B	2023-08-25	2024-10-23
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 21:17 Last Seen2024-10-23 22:55 Times Seen79 Hash a604d1494e55df24ad7c62a30cc0f058 baec845d909270888dbcde8945d9ed24c8b53fba 5ed57bccec3ae6d6233648e109470a51ab1afb262a3daf1d177aaf86b8a86b19 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	3.5 kB	2023-03-07	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:15 Last Seen2025-05-22 03:32 Times Seen119 Hash c3d5e7ae44ebf7eec435c9325b6f676f 8b6342ac0b9b097678cb23ae693917b91090b944 6dab04cf1ed42a5675ee85fc766f21ccf9386c3e61f9081987b6de3ec7e7f23b Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.6.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	we20.mycima.cc/js/melody.dev.js	ScriptElement	23 kB	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/js/melody.dev.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-27 09:08 Times Seen129 Hash e238acf58475d3cdb95d614582134b24 b13c1da1f5254cb14f4f187bd5174ed0feb08a23 f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	478 B	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-05-27 09:08 Times Seen98 Hash b6ec630beba5aa234f361049d0162851 40852e09b7e6202ef51b85ecf775694b703442d7 79fdb7c25e266e76ee0ff619f2487f81f0b97bed193c569362bdd39d5dc6c859 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	190 B	2023-03-07	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-05-22 03:32 Times Seen140 Hash 29727d13fa2a206a7cc92a101c29ab33 647b9b2f5532aaee7217e70850589ad673938fcb 42ee5f253d773ac3a83d1fc0d0f922a4c502f66dddfb591593129586c4f2725a Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	1.8 kB	2023-03-07	2025-04-11
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-04-11 21:47 Times Seen133 Hash 7bc2250f798e8dd30269772ee8cf4599 3fb3ed5ea1a5c052fa3c26e45d4abd3e722b9700 cda4eff9500a8b16f33a54c6cd1ce7d2ec3bf66cecddb63d9c736078916c5035 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	1.4 kB	2023-03-07	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-05-22 03:32 Times Seen84 Hash 48b383db8c4b689d51c7fe7520af1108 464dbc35d23e717068b6c71c46c7e267bf8bf3c4 e23346daaea4662b4e261ddc679f7ef3e914155a66fc2ded5802809568638553 Loading...

	www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID	ScriptElement	113 kB	2023-09-17	2023-09-17
Pretty URL www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-17 14:48 Last Seen2023-09-17 14:48 Times Seen1 Hash b813346a31fd23c1648e96f1dad17421 14ded76482c44f7b7dd69d88bde9663abf500fa9 277a12880459e6c496c7d9ce700e8eafc1a6b04727329d19084a4527a54ad91a Loading...

	www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c	ScriptElement	246 kB	2023-09-17	2023-09-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-17 14:48 Last Seen2023-09-17 14:48 Times Seen1 Hash 8b016179bab28c03e0dc5a5e64cc6623 a97e27fe92ae28ac1e6e2c4fa2199a279059f0b8 ace974f9528818690bed82894e728a409f20bdb2d174351c70edc7eabd4075aa Loading...

	arglingpistole.com/1clkn/55455	ScriptElement	6 B	2023-03-07	2025-05-27
Pretty URL arglingpistole.com/1clkn/55455 IP 23.109.82.181 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-27 18:22 Times Seen12972 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js	ScriptElement	9.8 kB	2023-03-07	2025-04-25
Pretty URL we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash d30d39ea7362e56afcdb14c1919e36b6 3d8ad768ea89003210bea45e8aacd038bae1ecf1 a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5 Loading...

	we20.mycima.cc/templates/3arbserv/js/melody.dev.js	ScriptElement	8.0 kB	2023-03-07	2025-04-25
Pretty URL we20.mycima.cc/templates/3arbserv/js/melody.dev.js IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-04-25 00:46 Times Seen55 Hash c3bde81760af5b3df4d0c56ba06a0fca ecf2f46def386ad8f62fad28edc36c8440f339cc c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	291 B	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen158 Hash 0b5c6ecfd31b214438c017f7840cab7d 5b0d464bbab33735e654f6d0b47dd2bcd47f8e5c e0d679f66eea8fae589016f89ff238618cabb4b802add68fcbf4d70498356ea1 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	216 B	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen177 Hash 901d05a394689754b24c53a14ff0bb94 16e6750d0db26beda439d20147af2cdf6ee85f6c c8d34bfa528cee7507080fac65baab9a6eacb046b4c097cc3201ff3bba0d09c1 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	439 B	2023-03-07	2025-05-27
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-05-27 09:08 Times Seen176 Hash 86a6965e541a781a37d669b260561c55 d507b1712d0947c35ca109d78453ad0706543594 d08064727885699b455486366ac7a1b6e9e298d7cb1d94d4e491088d0bb8ab94 Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	5.3 kB	2023-03-07	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01 Last Seen2025-05-22 03:32 Times Seen159 Hash 5d0f0b5b79e9f10c796e8a416e57dd2d acca3a159098bbc8a6313d6f496cfeef362c3171 452c276bbd878d6970a8f3a2b5ebea89fcc866c5aa58e5e56afcdc9c53c2b78f Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	850 B	2023-03-13	2025-05-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 17:01 Last Seen2025-05-22 03:32 Times Seen47 Hash c070828794e3692be0a52440af066ad7 a22ab13f7ad1693710e700a1e4af7b0b9a5d13c0 ef97c53f57f9b726c0bdc02f4fb9bb0e6e8d0e9f37f3c24d3f913abcc06ae14b Loading...

	we20.mycima.cc/watch.php?vid=ac5bcf622	ScriptElement	160 B	2023-03-07	2025-03-22
Pretty URL we20.mycima.cc/watch.php?vid=ac5bcf622 IP 146.19.24.15 ASN #201814 Meverywhere sp. z o.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12 Last Seen2025-03-22 06:46 Times Seen57 Hash a33472397f886fcb3563c05e3d3b2a3e 69a1391e6eb1b5a70ebf9cd6cb75140f7d52b31f 2e05173f926dcf805c7ad1a037cd22d1c0151fe1b06d766dced7c7b0466148f8 Loading...

HTTP Transactions (85)

URL IP Response Size

we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css

146.19.24.15

200 OK

18 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (65360), with CRLF line terminators
Size
18 kB (18184 bytes)
Hash
057c5534becfdb2d50350cbacfb8fa8c
aee8eea23cc9ade1f7e3de672f57a9f79e9e1516
00cce1553100d450fad1142957e5a2c793a1c5ba7877f5a119c704eb6acc1313

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 09:05:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18184
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css

146.19.24.15

200 OK

2.2 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (13803), with CRLF line terminators
Size
2.2 kB (2228 bytes)
Hash
56a224ccaaf1ad3df6ee7dbbc019aeac
2ce1ef76b342a8fafda1e03a62b99be5340812bf
777a9e5bb5d35fd671e5b252c67a0cf462baa8258db145ef6ea7dadf4de4b481

HTTP Headers

GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2016 09:46:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2228
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/echo.css

146.19.24.15

200 OK

47 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/echo.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with CRLF line terminators
Size
47 kB (46677 bytes)
Hash
ddf860f5b206570261ecc17836030729
ade9251cb8b817c9686a075a15d59f4051e02ddd
992ceb90f0e31207c443dfd7dedcbcb1a0b612d0c9fe851bc838534d035181f7

HTTP Headers

GET /templates/3arbserv/css/echo.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Fri, 25 Mar 2022 14:00:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46677
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/animate.min.css

146.19.24.15

200 OK

3.8 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/animate.min.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (319)
Size
3.8 kB (3849 bytes)
Hash
3d0a26b7c254da8c0d297e753ff23f65
877d0bcad6716a05066d9b6dab07e264f631a5f0
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb

HTTP Headers

GET /templates/3arbserv/css/animate.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 08:00:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3849
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css

146.19.24.15

200 OK

4.2 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
4.2 kB (4160 bytes)
Hash
50650996f24f8595aca871946cf4bfc7
7fa88ac85d0f97dcd3c80c62a62dca78aedf73f2
16725d7575da85e45223fc328ae010003775db250fda7bfdec9dc1e1676437a4

HTTP Headers

GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Thu, 14 Apr 2016 08:16:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4160
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

code.jquery.com/jquery-migrate-1.2.1.min.js

151.101.194.137

200 OK

3.1 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7085)
Size
3.1 kB (3063 bytes)
Hash
eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 17 Sep 2023 12:48:02 GMT
age: 51086
x-served-by: cache-lga21931-LGA, cache-bma1664-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 4874
x-timer: S1694954882.461337,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2

we20.mycima.cc/social-thumb.php?vid=ac5bcf622

146.19.24.15

200 OK

46 kB

URL GET HTTP/2
we20.mycima.cc/social-thumb.php?vid=ac5bcf622
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Size
46 kB (45790 bytes)
Hash
244d88ff5c401dd494c613d1107ac144
bc58fdd1c408b14e3f588cb46358cc229d8c6e99
3d109519d67f6cabc9b53fd259446310c7bb18cead0a5c62b89708ca5ab9168f

HTTP Headers

GET /social-thumb.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:02 GMT
content-length: 45790
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be

146.19.24.15

200 OK

3.3 kB

URL GET HTTP/2
we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.3 kB (3330 bytes)
Hash
5f1f76e508e118e2b6923da08a0beb31
fa990fad9b7c500a656059710bf79124d774af60
73f296936db77c63fe1c96e9d08fb2c78dc729a82256b7662c534c7306d37d6c

HTTP Headers

GET /include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4

146.19.24.15

200 OK

3.5 kB

URL GET HTTP/2
we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.5 kB (3522 bytes)
Hash
16d1b862dc43cc247d0e87a9e8c40470
2833c002032a8675a043a2439c25ca246799bd03
9eb3182ebb40a81419b8014c1a17bbeb8a9703b610cbb119957a444c1c8e5435

HTTP Headers

GET /include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb

146.19.24.15

200 OK

3.5 kB

URL GET HTTP/2
we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
3.5 kB (3516 bytes)
Hash
b6cca136f4b8235804b1c450bc610ef4
5ffd92054f0e3d9c81d937a10ec9ae00fdbc3cfb
775c08028bf0eaa54434f3ef3d577bee6ea893e24c4c0e9329f055d75915877a

HTTP Headers

GET /include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33507 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 23:43:34 GMT
expires: Wed, 11 Sep 2024 23:43:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 392668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID

142.250.74.168

200 OK

44 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (2271)
Size
44 kB (44203 bytes)
Hash
b813346a31fd23c1648e96f1dad17421
14ded76482c44f7b7dd69d88bde9663abf500fa9
277a12880459e6c496c7d9ce700e8eafc1a6b04727329d19084a4527a54ad91a

HTTP Headers

GET /gtag/js?id=GA_MEASUREMENT_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:02 GMT
expires: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=900
last-modified: Sun, 17 Sep 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

arglingpistole.com/1clkn/55455

23.109.82.181

200 OK

26 B

URL GET HTTP/1.1
arglingpistole.com/1clkn/55455
IP
23.109.82.181:443
ASN
#7979 SERVERS-COM

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectarglingpistole.com
Fingerprint35:EF:B1:4B:FD:22:83:BF:DB:F9:AD:73:52:80:02:1A:30:08:CC:32
ValidityWed, 16 Aug 2023 12:04:29 GMT - Tue, 14 Nov 2023 12:04:28 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

HTTP Headers

GET /1clkn/55455 HTTP/1.1
Host: arglingpistole.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 17 Sep 2023 12:48:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjCC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7B3R; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

augailou.com/5/6205538

139.45.197.243

200 OK

25 kB

URL GET HTTP/2
augailou.com/5/6205538
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
25 kB (25259 bytes)
Hash
fd39566ae03966b65943c7ac89b18e73
acf7bb80f1ec19ed104027ba51a9fa23aa7d20e2
1fc6aa6a644252e32cb1ca7acf64ac9245820642a748361f4a0c93032dd76a7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6205538 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript
x-trace-id: bd6861640da9544c4c9e959d894ca8f2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
oaidts=1694954882; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/echo.rtl.css

146.19.24.15

200 OK

3.6 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/echo.rtl.css
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
3.6 kB (3601 bytes)
Hash
133de044f542e50c4a5eae2799e148ac
c028504cf9a957ca86d7f1a06371fdc085deaace
e64aa5acc7482eb1a727ee2962407ce824e6f3cb5e22ceda2f27a0dd72072743

HTTP Headers

GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Mon, 06 May 2019 06:49:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3601
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2

146.19.24.15

200 OK

9.0 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (6169), with CRLF line terminators
Size
9.0 kB (9028 bytes)
Hash
182b715de3f603e8ba4afcbb23998151
195778efe8fbb7292c2bb88fdcf1e74eef6f3653
7b7bf629e95f70350aef2045f55c58e43871de5a1c66f01022e61ee47cefa497

HTTP Headers

GET /templates/3arbserv/css/custom2.css?v=2 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:12:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9028
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/custom-logo.png

146.19.24.15

200 OK

1.7 kB

URL GET HTTP/2
we20.mycima.cc/uploads/custom-logo.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 261 x 80, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1695 bytes)
Hash
3e53d26a827b96ee64d9acd4e9f6ca8c
dce6ba3cd6bb744cbf18af7845d6b2b6656d93d2
7528a0ef939cd8a7234300f5f244b8603a65f252beaa4fb4d69c564ba70c01e0

HTTP Headers

GET /uploads/custom-logo.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sun, 17 Sep 2023 03:39:49 GMT
accept-ranges: bytes
content-length: 1695
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/images.png

146.19.24.15

200 OK

5.2 kB

URL GET HTTP/2
we20.mycima.cc/images.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 348 x 145, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5175 bytes)
Hash
a766d8c1a622eaf6f8c61923eb7b2ffa
0451f3b28a9d3ba5e86db5bf84647b2695d281df
c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea

HTTP Headers

GET /images.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sat, 29 Apr 2023 00:41:07 GMT
accept-ranges: bytes
content-length: 5175
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/avatars/avatar795-1.jpg

146.19.24.15

200 OK

4.8 kB

URL GET HTTP/2
we20.mycima.cc/uploads/avatars/avatar795-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 120x120, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
8d40b6ddc977a84433c3df9117e5e5ed
b6502d175ff51f1fa47545cbb7dda578e0197349
34d406af254166de7eaf86cd6754a1a74ea12070ed90d1b9390ed0fce2f10f0f

HTTP Headers

GET /uploads/avatars/avatar795-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/jpeg
last-modified: Sun, 13 Nov 2022 20:45:32 GMT
accept-ranges: bytes
content-length: 4805
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.11.207

200 OK

64 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 17 Sep 2023 12:48:03 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 15435a3ac7101f4ad685087d333d146a
cdn-cache: HIT
cf-cache-status: HIT
age: 52142
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 808176185de856a4-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
204dc4508682430cea131c8edf8cc1ac
77d2dc085cc97e91bfc621387d0b4ca92fc02851
5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

104.18.11.207

200 OK

40 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (31650)
Size
40 kB (40096 bytes)
Hash
abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

HTTP Headers

GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 11/03/2021 03:23:08
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0b7e42ce5c8ad95295886cdcce8be1f4
cdn-cache: HIT
cf-cache-status: HIT
age: 20851278
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f3fbb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
204dc4508682430cea131c8edf8cc1ac
77d2dc085cc97e91bfc621387d0b4ca92fc02851
5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
f1b36cd2b2a6d1b7e24754680d5b0357
323a3f24170b89781803c778798dfc37abacb475
1b6c4571eaf69c30920fce67fdbdcf8a9e64a5eb3323dc9846f1ceb27fc4d690

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7df90fcc6b36f4b949ff35e370871c35
1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9
961082493f092bcc1175d812f6ee5da8d27d935339f27413235e3ca4d498dc94

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 17 Sep 2023 12:48:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 17 Sep 2023 03:49:37 GMT
Expires: Sun, 24 Sep 2023 03:49:36 GMT
Etag: "1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9"
Cache-Control: max-age=573232,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8081761d3a4756c3-OSL

tzegilo.com/stattag.js

104.21.6.68

200 OK

7.4 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.6.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT

File type
ASCII text, with very long lines (18369)
Size
7.4 kB (7359 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ82o%2FyjVr6YOoKdJBIbazE2wQYXGbruPigYsplMH2UjfPlArnfsZ8cs1oYrFZj3oYFF0TVKaOU6MsOtdUqVtFV8X61fhXNNT8GyHEKFjXIrm7xtYZlNp92oJNXMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761b2c3156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/img/pm-avatar.png

146.19.24.15

200 OK

2.1 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/img/pm-avatar.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data
Size
2.1 kB (2135 bytes)
Hash
be7a1517b84d3548fdb863e78c72a3fe
91a88cc99f02e7ed22274fc3a6f42c6a3148ef0d
bd2021d52dbb110212c08885e0dab9580282334d6f1d1e50b8da0270ce8c475e

HTTP Headers

GET /templates/3arbserv/img/pm-avatar.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/png
last-modified: Tue, 19 Apr 2016 15:56:34 GMT
accept-ranges: bytes
content-length: 2135
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg

146.19.24.15

200 OK

28 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
28 kB (28116 bytes)
Hash
d0f1b6f789de005946a66ba7aa8b0b17
c39bcacf07b45bca75480337780554c2fd5acbff
bbdafadd5fa2fdaf167a3b38c6704c33b0b93b45e83e1e24c5d2ef0cb08385a3

HTTP Headers

GET /uploads/thumbs/85620f8be-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:50:29 GMT
accept-ranges: bytes
content-length: 28116
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2

goomaphy.com/401/6219621

139.45.197.239

200 OK

36 kB

URL GET HTTP/2
goomaphy.com/401/6219621
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
36 kB (36411 bytes)
Hash
c3d6b77e21c46eb78aac9f64a856d8c7
2ad0c1cbb28cce358414dad0472d30b662bd1669
73354a7d392422fe63ab5a324e136ca997de02aaa44654ca4b6c0145aad3b5ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: cab337d3dbabdb0c8fead7f2e1e1dd5b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/articles/b545ee1d.jpg

146.19.24.15

200 OK

42 kB

URL GET HTTP/2
we20.mycima.cc/uploads/articles/b545ee1d.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 315x420, components 3\012- data
Size
42 kB (42125 bytes)
Hash
0de527b05f11acb3db3ddc7f372e611b
b4d78ff7fb1474a85ee5836946bb65cf53a72739
e97d826c0676876d0793dda72d1642013cacf817cd9bdc1dd68db5769a5125ad

HTTP Headers

GET /uploads/articles/b545ee1d.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:29 GMT
accept-ranges: bytes
content-length: 42125
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg

146.19.24.15

200 OK

46 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
46 kB (45895 bytes)
Hash
c884f6ed155c56eb95238ea0ee044d0f
c674b9ebe7a701c1d032272cc8b2169b28c09d12
40ca90c3f195b7bd6b067d1bbe46e3e28114f512d009470ccc868cd8d3fea828

HTTP Headers

GET /uploads/thumbs/1118b8d36-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:36:38 GMT
accept-ranges: bytes
content-length: 45895
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg

146.19.24.15

200 OK

86 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
86 kB (86039 bytes)
Hash
0faef4b2d0a328bd093c3d2f200627d0
4c1c5e2e0b38129229c0d430ffd80d8b5a358946
2e39d3cab8e4a4404bbdcd4a9d256203b4a2133c7996dfbaf98e8ad3973504f5

HTTP Headers

GET /uploads/thumbs/f9e238ab0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 17:20:39 GMT
accept-ranges: bytes
content-length: 86039
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

104.22.33.172

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4432
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761e9c8509ac-ARN
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg

146.19.24.15

200 OK

32 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x384, components 3\012- data
Size
32 kB (31691 bytes)
Hash
91ec128a0073110233da7b6e11742d90
f80ee7e7b8f85b8fc1a0b48fae82364b705b7fc5
8ca4d6632c22376f1faa3cf91481f4c12bcb023cf6d5e2419c656b767fbcc205

HTTP Headers

GET /uploads/thumbs/e2e6838e9-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:38:54 GMT
accept-ranges: bytes
content-length: 31691
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg

146.19.24.15

200 OK

58 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
58 kB (58003 bytes)
Hash
4b31ace36746b98bf6f7eace5e801f48
edb2cffedffdc1d10c582ad10b81c614ac6d58e2
33c51680f3edd13ca38af9a8bb33bc2eebdd60c2d86e9fb23b3e8fb244af4aea

HTTP Headers

GET /uploads/thumbs/658dd66ef-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sun, 27 Aug 2023 19:23:13 GMT
accept-ranges: bytes
content-length: 58003
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg

146.19.24.15

200 OK

50 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x480, components 3\012- data
Size
50 kB (49925 bytes)
Hash
f4a50033895407e2d7eb26f696b61f54
0634c594d612af5beb935cd4077e9d45d1cccaa7
6317cdd06942692f544a0f793f3c39bdcd1b8cb4dd6f3f182ebc403e1659e73f

HTTP Headers

GET /uploads/thumbs/d38e1743c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:03:35 GMT
accept-ranges: bytes
content-length: 49925
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg

146.19.24.15

200 OK

51 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
51 kB (50780 bytes)
Hash
b2b0638af77164cf482c3f7325efd3cf
a4feda8561d3c105549d329bd31a29aab780bdbc
e380b73387528ee303eadd1e2933fb201dede118fd442957d18a4a183da285bb

HTTP Headers

GET /uploads/thumbs/07fc7a97b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:25:50 GMT
accept-ranges: bytes
content-length: 50780
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg

146.19.24.15

200 OK

44 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x378, components 3\012- data
Size
44 kB (44247 bytes)
Hash
3fd7631c0ffaf56adeea417ae3eae3f3
b923a0fb0f5f05939e966e7bdb6968462798a90f
d4c02ae1a7300d043bbefc1f7de483cda38bf7c2daf971d40257fb36d9489f15

HTTP Headers

GET /uploads/thumbs/c751cdafa-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:55:04 GMT
accept-ranges: bytes
content-length: 44247
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg

146.19.24.15

200 OK

37 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x420, components 3\012- data
Size
37 kB (37070 bytes)
Hash
fb5e36c77e6170aefd193a916a40f7bc
0c3d58f9c554cfba405405d31d2d16d10762a6d3
79c11967190356a4083a56163aee20300964a2473dd49a071a7e33b415b9d7bd

HTTP Headers

GET /uploads/thumbs/0202e0ce0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:50:08 GMT
accept-ranges: bytes
content-length: 37070
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/efd491773-1.jpg

146.19.24.15

200 OK

35 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/efd491773-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x496, components 3\012- data
Size
35 kB (34637 bytes)
Hash
c9f6c6f02798ed6572232b01b329d45b
5968ba3c98647af3b25389f8901de28fd9eb6f9f
fe1057a78381504d25cd5aa26a9d895e6abc3e701523788162ac1a4ab81244f7

HTTP Headers

GET /uploads/thumbs/efd491773-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:19:41 GMT
accept-ranges: bytes
content-length: 34637
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg

146.19.24.15

200 OK

54 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x412, components 3\012- data
Size
54 kB (53560 bytes)
Hash
44299c9684969fa32d8b9ebb557d82b9
59135b015e29999083b97ccba3e5d0ed5cd294b9
b9130eb3f68cf2db43718a60a8dd2239aa2b17b6296d5a8a4404961be1469c2f

HTTP Headers

GET /uploads/thumbs/d5a475040-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 18:27:15 GMT
accept-ranges: bytes
content-length: 53560
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg

146.19.24.15

200 OK

65 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 853x480, components 3\012- data
Size
65 kB (64945 bytes)
Hash
5e987a4e2ad2966bc9721e54f0905470
5c4f7ac27fec56e19401e495ab7806ef6afaa66b
3b09a306d174d37c0fd8b127dbcf861ecf1ed6736a6cbf4e89022cbd8a590a13

HTTP Headers

GET /uploads/thumbs/3218e9be0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:08:35 GMT
accept-ranges: bytes
content-length: 64945
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg

146.19.24.15

200 OK

34 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
34 kB (34445 bytes)
Hash
1f7fcb4d8ff6752bed06f169b7a8ca31
feb7c063d91a05b5b1b29f8c2f8fd67a900f3f49
07a2a854c08f28cf3332f2971a2138a62ba0ed9812b4c5a1114cc9ce590f0eb1

HTTP Headers

GET /uploads/thumbs/b4cdd28ff-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:42:51 GMT
accept-ranges: bytes
content-length: 34445
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg

146.19.24.15

200 OK

56 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
56 kB (56072 bytes)
Hash
571da45b4991ceaa9511e94ecaa51c10
1479a7e641948d7eb8cf26c9fee1213dd81e5d28
797871cecff105afb5fe1bfd9d7f6cadae6e2b5fab4dc832f039be6d3a51f196

HTTP Headers

GET /uploads/thumbs/2bd07ab06-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Tue, 16 May 2023 17:35:46 GMT
accept-ranges: bytes
content-length: 56072
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg

146.19.24.15

200 OK

69 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
69 kB (68686 bytes)
Hash
f1416f40fe61a3b0e6ff4af380cead96
148495233ea5921775332fbe584674c935e33b8d
f1805401c37b916bd327d8ffbb8111a44a660828f4a3e5a1d6443d6a8a391ec0

HTTP Headers

GET /uploads/thumbs/bbd21def8-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:52:40 GMT
accept-ranges: bytes
content-length: 68686
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg

146.19.24.15

200 OK

29 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x479, components 3\012- data
Size
29 kB (29175 bytes)
Hash
f5c1ca65e6bc49a5e7911e3e1f3a2256
4a7e3155adfca4f467d4f7c959b6663a85f7da1a
311914a8ad4cde15e7473c06f6b4fb4c390da8afbed043f823037493022c7334

HTTP Headers

GET /uploads/thumbs/bedba2d4b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:01:30 GMT
accept-ranges: bytes
content-length: 29175
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg

146.19.24.15

200 OK

18 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
18 kB (18037 bytes)
Hash
3f3e443dc1e1ddf213b482c03c7fa51e
60f0d515aadd86fea185df5a49257a4ffa7d5331
a692f073e1ec3cc26f2608acf71e92cabed3e39733c38b0c6e3a042cd4c0f4ae

HTTP Headers

GET /uploads/thumbs/73d8f565b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 10:53:04 GMT
accept-ranges: bytes
content-length: 18037
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg

146.19.24.15

200 OK

35 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x432, components 3\012- data
Size
35 kB (35139 bytes)
Hash
e103e5d079e390c68b74c39e7ff0ab24
8a52b5e6c7c89ad29b1c1e915267c2466a21e351
f590e67e360049325f6734a261dbe881cb9c5ecece6df0ef1580beb5cd3ece4a

HTTP Headers

GET /uploads/thumbs/0c0cd386c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:14:58 GMT
accept-ranges: bytes
content-length: 35139
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/theme.js

146.19.24.15

200 OK

14 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/theme.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators
Size
14 kB (13546 bytes)
Hash
d8176b4cb2798d51558fe707c55d7fbb
2d49a0b8afb91121d20469c210566fb8d21e82d6
497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9

HTTP Headers

GET /templates/3arbserv/js/theme.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13546
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js

146.19.24.15

200 OK

3.3 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (5325), with CRLF line terminators
Size
3.3 kB (3303 bytes)
Hash
d30d39ea7362e56afcdb14c1919e36b6
3d8ad768ea89003210bea45e8aacd038bae1ecf1
a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:42:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/js/jquery.typewatch.js

146.19.24.15

200 OK

767 B

URL GET HTTP/2
we20.mycima.cc/js/jquery.typewatch.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (1440)
Size
767 B (767 bytes)
Hash
6915a93382a7b35f40987fd648b43f9d
b78c77cc774594df414a7b1fb99c28083d85bb80
1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b

HTTP Headers

GET /js/jquery.typewatch.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 767
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg

146.19.24.15

200 OK

20 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Size
20 kB (20353 bytes)
Hash
7fced2a729d516e6e941bfe9b23e9736
5d6406f06b71d4bab2c5d2b3c6c77ab7ac6d6459
2754130bcd959eb1c6f659d69eb65e3f341aa7deab0aad8071732f9e4fd79198

HTTP Headers

GET /uploads/thumbs/b064231a2-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:23:04 GMT
accept-ranges: bytes
content-length: 20353
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg

146.19.24.15

200 OK

20 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x359, components 3\012- data
Size
20 kB (19712 bytes)
Hash
921d5bb0e2584d35d2626ec1c5799e1c
04fb3e1f8213cb7bcb08e69d9a0bbd2fdac5bb69
e1eaf14eba43053543c2e08655d0002fb3a5750771931a269bb771292b7910bc

HTTP Headers

GET /uploads/thumbs/666fcd1a3-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:59:22 GMT
accept-ranges: bytes
content-length: 19712
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2

goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0

139.45.197.239

200 OK

43 B

URL GET HTTP/2
goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/gif
content-length: 43
x-trace-id: b175ca3f4380d916914771ed98908f5a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

104.22.33.172

200 OK

13 kB

URL GET HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4437
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081763ab97209ac-ARN
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

200 OK

17 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
gzip compressed data, max compression\012- data
Size
17 kB (16655 bytes)
Hash
fcc7ee5678541adea03770b8cfafd146
e5d4c9d76cabeef9e8faa14ff0ed07bd097396fc
1474e26a5116379d3fa3f65cec9f195f0d826c24891a55a15f39c92dae12405d

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:09 GMT
date: Sun, 17 Sep 2023 12:48:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Sep 2023 04:50:55 GMT
expires: Fri, 13 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 287834
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

we20.mycima.cc/js/bootstrap-notify.min.js

146.19.24.15

200 OK

2.5 kB

URL GET HTTP/2
we20.mycima.cc/js/bootstrap-notify.min.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
HTML document, ASCII text, with very long lines (595)
Size
2.5 kB (2489 bytes)
Hash
5ba070af9d1b1a2782851940de30879f
d33390fc88bf68bd23eb182d7dbc77f5227081b2
a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450

HTTP Headers

GET /js/bootstrap-notify.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2489
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/js/melody.dev.js

146.19.24.15

200 OK

4.0 kB

URL GET HTTP/2
we20.mycima.cc/js/melody.dev.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text
Size
4.0 kB (4004 bytes)
Hash
e238acf58475d3cdb95d614582134b24
b13c1da1f5254cb14f4f187bd5174ed0feb08a23
f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab

HTTP Headers

GET /js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4004
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/melody.dev.js

146.19.24.15

200 OK

2.1 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/melody.dev.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2135 bytes)
Hash
c3bde81760af5b3df4d0c56ba06a0fca
ecf2f46def386ad8f62fad28edc36c8440f339cc
c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8

HTTP Headers

GET /templates/3arbserv/js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2135
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js

146.19.24.15

200 OK

5.0 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (343)
Size
5.0 kB (4986 bytes)
Hash
f6b6e524d29d54ada53e4172b9d91cf7
427153c7a2d83d2ca800e397779f29b857801ad2
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8

HTTP Headers

GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Wed, 20 Apr 2016 07:26:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4986
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js

146.19.24.15

200 OK

3.6 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (5838), with CRLF line terminators
Size
3.6 kB (3596 bytes)
Hash
443045e7fcb603ba92e473b0ec11d2b2
8d9dd41c01b0f2738d6bd1a3984095570bbeb0df
8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702

HTTP Headers

GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:45:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3596
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js

146.19.24.15

200 OK

1.1 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
1.1 kB (1147 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js

146.19.24.15

200 OK

6.6 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
ASCII text, with very long lines (27266)
Size
6.6 kB (6593 bytes)
Hash
cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

HTTP Headers

GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2017 13:47:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6593
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg

146.19.24.15

200 OK

46 kB

URL GET HTTP/2
we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Size
46 kB (45612 bytes)
Hash
d9f516fc9b214e9076e653d4b5398a2f
680740e3d25f40663dc1c9bae4d7ad3f1820bc45
44cc7c473b7d494743760d38adc53d3e697aa76e9af2ffb18da45e4d84c6547c

HTTP Headers

GET /uploads/thumbs/ac5bcf622-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:26 GMT
accept-ranges: bytes
content-length: 45612
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/img/icon-play-32.png

146.19.24.15

200 OK

2.4 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/img/icon-play-32.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2413 bytes)
Hash
35bd95e97ff446debcc363482550378d
91c8d90e0524e5346aa4f3ae0806893db5d95959
eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75

HTTP Headers

GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/templates/3arbserv/css/echo.css
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/png
last-modified: Sat, 05 Mar 2022 10:18:44 GMT
accept-ranges: bytes
content-length: 2413
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js

146.19.24.15

200 OK

1.1 kB

URL GET HTTP/2
we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Size
1.1 kB (1147 bytes)
Hash
081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02

HTTP Headers

GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (85517 bytes)
Hash
8b016179bab28c03e0dc5a5e64cc6623
a97e27fe92ae28ac1e6e2c4fa2199a279059f0b8
ace974f9528818690bed82894e728a409f20bdb2d174351c70edc7eabd4075aa

HTTP Headers

GET /gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:11 GMT
expires: Sun, 17 Sep 2023 12:48:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

we20.mycima.cc/favicons/android-icon-192x192.png

146.19.24.15

200 OK

22 kB

URL GET HTTP/2
we20.mycima.cc/favicons/android-icon-192x192.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22310 bytes)
Hash
dcf7d645053c0bb7e0edd25960004324
5951f5ffde7d819e499f69540b0d95cc39d0a8bd
ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700

HTTP Headers

GET /favicons/android-icon-192x192.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:43:53 GMT
accept-ranges: bytes
content-length: 22310
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/favicons/favicon-16x16.png

146.19.24.15

200 OK

1.0 kB

URL GET HTTP/2
we20.mycima.cc/favicons/favicon-16x16.png
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1017 bytes)
Hash
2f9e3795889ec567bbb1124b6b1f73c8
1587f8e10111dda099a9453850224807334ec44b
c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:44:34 GMT
accept-ranges: bytes
content-length: 1017
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1366
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 17 Sep 2023 12:49:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://we20.mycima.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0

139.45.197.239

200 OK

1.3 kB

URL GET HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1274), with no line terminators
Size
1.3 kB (1260 bytes)
Hash
6e17b7d85332b8804d3538b9f1b3b185
9bcee71fa5c6b62949b503394a4b113f35e22dc3
5ac25691e6ceb9935cef5615af2be526de5e2dd50bcc04c98458c2a4e7aba3aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: a20e6bbabd7bb33dbdf8f51e67088a17
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://we20.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.239

200 OK

0 B

URL OPTIONS HTTP/2
goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62

139.45.197.243

200 OK

2.8 kB

URL GET HTTP/2
augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3000), with no line terminators
Size
2.8 kB (2760 bytes)
Hash
15d4081207c396c35903d529abe67c37
84ec287352de80de8c7e8a2b494ddb0307635e70
466198692d32ba869cb23179b7f6cffdd67ac146be597ebe26a34705fb2d5ce9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; oaidts=1694954882
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: db4753aa8db0b5e1a7cc2931bd22ee70
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link

139.45.197.243

200 OK

2.1 kB

URL GET HTTP/2
augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2165), with no line terminators
Size
2.1 kB (2136 bytes)
Hash
8ef7de37d06c541f706c60d6a489a4c7
c427ed51f34b20d449a709d57743743e008ae75e
2c67f210a187fe0468f38e1aafa4d177edcd1cfbf9124d939c7c7aec0c954d15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; oaidts=1694954884; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: 41991764eb57cc4198175b70f8e546cc
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Size
31 kB (31248 bytes)
Hash
436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

HTTP Headers

GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 01:50:03 GMT
expires: Wed, 11 Sep 2024 01:50:03 GMT
cache-control: public, max-age=31536000
age: 471480
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 15 Sep 2023 10:05:24 GMT
expires: Sat, 14 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 182565
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1

146.19.24.15

200 OK

42 B

URL GET HTTP/2
we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1

146.19.24.15

200 OK

42 B

URL GET HTTP/2
we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text
Size
12 kB (11978 bytes)
Hash
06596cfa2dee431129c328e050b9fb2a
1a991c51ab2b2da5647e83f481e7d18d60a45b3b
bf6fe0ffee1d57731da4d1cf3cfe88e1effa9b36c51a85018a91ed43b91c3de6

HTTP Headers

GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:02 GMT
date: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

we20.mycima.cc/watch.php?vid=ac5bcf622

146.19.24.15

200 OK

121 kB

URL User Request GET HTTP/2
we20.mycima.cc/watch.php?vid=ac5bcf622
IP
146.19.24.15:443
ASN
#201814 Meverywhere sp. z o.o.

Certificate
IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT

File type

Size
121 kB (121008 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; path=/; secure
watched_video_list=Nzk2OA%3D%3D; expires=Mon, 18-Sep-2023 12:48:01 GMT; Max-Age=86400; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:01 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

27 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26548)
Size
27 kB (26711 bytes)
Hash
0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ce46644f14621522f2593a9762829805
cdn-cache: HIT
cf-cache-status: HIT
age: 1470171
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f2fb0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by