GET we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css
146.19.24.15200 OK 18 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (65360), with CRLF line terminators
Hash 057c5534becfdb2d50350cbacfb8fa8c
aee8eea23cc9ade1f7e3de672f57a9f79e9e1516
00cce1553100d450fad1142957e5a2c793a1c5ba7877f5a119c704eb6acc1313
GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 09:05:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18184
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
146.19.24.15200 OK 2.2 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (13803), with CRLF line terminators
Hash 56a224ccaaf1ad3df6ee7dbbc019aeac
2ce1ef76b342a8fafda1e03a62b99be5340812bf
777a9e5bb5d35fd671e5b252c67a0cf462baa8258db145ef6ea7dadf4de4b481
GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2016 09:46:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2228
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/echo.css
146.19.24.15200 OK 47 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/echo.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with CRLF line terminators
Hash ddf860f5b206570261ecc17836030729
ade9251cb8b817c9686a075a15d59f4051e02ddd
992ceb90f0e31207c443dfd7dedcbcb1a0b612d0c9fe851bc838534d035181f7
GET /templates/3arbserv/css/echo.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Fri, 25 Mar 2022 14:00:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46677
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/animate.min.css
146.19.24.15200 OK 3.8 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/animate.min.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (319)
Hash 3d0a26b7c254da8c0d297e753ff23f65
877d0bcad6716a05066d9b6dab07e264f631a5f0
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb
GET /templates/3arbserv/css/animate.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 08:00:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3849
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
146.19.24.15200 OK 4.2 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (540), with CRLF line terminators
Hash 50650996f24f8595aca871946cf4bfc7
7fa88ac85d0f97dcd3c80c62a62dca78aedf73f2
16725d7575da85e45223fc328ae010003775db250fda7bfdec9dc1e1676437a4
GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Thu, 14 Apr 2016 08:16:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4160
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET code.jquery.com/jquery-migrate-1.2.1.min.js
151.101.194.137200 OK 3.1 kB URL GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP 151.101.194.137:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (7085)
Hash eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 17 Sep 2023 12:48:02 GMT
age: 51086
x-served-by: cache-lga21931-LGA, cache-bma1664-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 4874
x-timer: S1694954882.461337,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2
GET we20.mycima.cc/social-thumb.php?vid=ac5bcf622
146.19.24.15200 OK 46 kB URL GET HTTP/2 we20.mycima.cc/social-thumb.php?vid=ac5bcf622
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Hash 244d88ff5c401dd494c613d1107ac144
bc58fdd1c408b14e3f588cb46358cc229d8c6e99
3d109519d67f6cabc9b53fd259446310c7bb18cead0a5c62b89708ca5ab9168f
GET /social-thumb.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:02 GMT
content-length: 45790
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be
146.19.24.15200 OK 3.3 kB URL GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 5f1f76e508e118e2b6923da08a0beb31
fa990fad9b7c500a656059710bf79124d774af60
73f296936db77c63fe1c96e9d08fb2c78dc729a82256b7662c534c7306d37d6c
GET /include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4
146.19.24.15200 OK 3.5 kB URL GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 16d1b862dc43cc247d0e87a9e8c40470
2833c002032a8675a043a2439c25ca246799bd03
9eb3182ebb40a81419b8014c1a17bbeb8a9703b610cbb119957a444c1c8e5435
GET /include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb
146.19.24.15200 OK 3.5 kB URL GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash b6cca136f4b8235804b1c450bc610ef4
5ffd92054f0e3d9c81d937a10ec9ae00fdbc3cfb
775c08028bf0eaa54434f3ef3d577bee6ea893e24c4c0e9329f055d75915877a
GET /include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.106200 OK 34 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.106:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
File type ASCII text, with very long lines (32038)
Hash f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 23:43:34 GMT
expires: Wed, 11 Sep 2024 23:43:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 392668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
142.250.74.168200 OK 44 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
IP 142.250.74.168:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (2271)
Hash b813346a31fd23c1648e96f1dad17421
14ded76482c44f7b7dd69d88bde9663abf500fa9
277a12880459e6c496c7d9ce700e8eafc1a6b04727329d19084a4527a54ad91a
GET /gtag/js?id=GA_MEASUREMENT_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:02 GMT
expires: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=900
last-modified: Sun, 17 Sep 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET arglingpistole.com/1clkn/55455
23.109.82.181200 OK 26 B URL GET HTTP/1.1 arglingpistole.com/1clkn/55455
IP 23.109.82.181:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectarglingpistole.com
Fingerprint35:EF:B1:4B:FD:22:83:BF:DB:F9:AD:73:52:80:02:1A:30:08:CC:32
ValidityWed, 16 Aug 2023 12:04:29 GMT - Tue, 14 Nov 2023 12:04:28 GMT
File type ASCII text, with no line terminators
Hash 9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/55455 HTTP/1.1
Host: arglingpistole.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 17 Sep 2023 12:48:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjCC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7B3R; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 3f690653f247c02a01c2528105aefa1c
49b43e6ae93d42552873e76d5f7fd04d09ef5303
e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET augailou.com/5/6205538
139.45.197.243200 OK 25 kB IP 139.45.197.243:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash fd39566ae03966b65943c7ac89b18e73
acf7bb80f1ec19ed104027ba51a9fa23aa7d20e2
1fc6aa6a644252e32cb1ca7acf64ac9245820642a748361f4a0c93032dd76a7f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /5/6205538 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript
x-trace-id: bd6861640da9544c4c9e959d894ca8f2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
oaidts=1694954882; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/echo.rtl.css
146.19.24.15200 OK 3.6 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/echo.rtl.css
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with CRLF, LF line terminators
Hash 133de044f542e50c4a5eae2799e148ac
c028504cf9a957ca86d7f1a06371fdc085deaace
e64aa5acc7482eb1a727ee2962407ce824e6f3cb5e22ceda2f27a0dd72072743
GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Mon, 06 May 2019 06:49:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3601
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2
146.19.24.15200 OK 9.0 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (6169), with CRLF line terminators
Hash 182b715de3f603e8ba4afcbb23998151
195778efe8fbb7292c2bb88fdcf1e74eef6f3653
7b7bf629e95f70350aef2045f55c58e43871de5a1c66f01022e61ee47cefa497
GET /templates/3arbserv/css/custom2.css?v=2 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:12:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9028
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/custom-logo.png
146.19.24.15200 OK 1.7 kB URL GET HTTP/2 we20.mycima.cc/uploads/custom-logo.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 261 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash 3e53d26a827b96ee64d9acd4e9f6ca8c
dce6ba3cd6bb744cbf18af7845d6b2b6656d93d2
7528a0ef939cd8a7234300f5f244b8603a65f252beaa4fb4d69c564ba70c01e0
GET /uploads/custom-logo.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sun, 17 Sep 2023 03:39:49 GMT
accept-ranges: bytes
content-length: 1695
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/images.png
146.19.24.15200 OK 5.2 kB URL GET HTTP/2 we20.mycima.cc/images.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 348 x 145, 8-bit colormap, non-interlaced\012- data
Hash a766d8c1a622eaf6f8c61923eb7b2ffa
0451f3b28a9d3ba5e86db5bf84647b2695d281df
c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea
GET /images.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sat, 29 Apr 2023 00:41:07 GMT
accept-ranges: bytes
content-length: 5175
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/avatars/avatar795-1.jpg
146.19.24.15200 OK 4.8 kB URL GET HTTP/2 we20.mycima.cc/uploads/avatars/avatar795-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 120x120, components 3\012- data
Hash 8d40b6ddc977a84433c3df9117e5e5ed
b6502d175ff51f1fa47545cbb7dda578e0197349
34d406af254166de7eaf86cd6754a1a74ea12070ed90d1b9390ed0fce2f10f0f
GET /uploads/avatars/avatar795-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/jpeg
last-modified: Sun, 13 Nov 2022 20:45:32 GMT
accept-ranges: bytes
content-length: 4805
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
GET netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
104.18.11.207200 OK 64 kB URL GET HTTP/3 netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 104.18.11.207:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 12:48:03 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 15435a3ac7101f4ad685087d333d146a
cdn-cache: HIT
cf-cache-status: HIT
age: 52142
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 808176185de856a4-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 204dc4508682430cea131c8edf8cc1ac
77d2dc085cc97e91bfc621387d0b4ca92fc02851
5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
104.18.11.207200 OK 40 kB URL GET HTTP/2 netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (31650)
Hash abda843684d022f3bc22bc83927fe05f
26908395e7a9a4eab607d80aa50a81d65f3017cb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 11/03/2021 03:23:08
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0b7e42ce5c8ad95295886cdcce8be1f4
cdn-cache: HIT
cf-cache-status: HIT
age: 20851278
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f3fbb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 204dc4508682430cea131c8edf8cc1ac
77d2dc085cc97e91bfc621387d0b4ca92fc02851
5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT
File type JSON data\012- , ASCII text
Hash f1b36cd2b2a6d1b7e24754680d5b0357
323a3f24170b89781803c778798dfc37abacb475
1b6c4571eaf69c30920fce67fdbdcf8a9e64a5eb3323dc9846f1ceb27fc4d690
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 7df90fcc6b36f4b949ff35e370871c35
1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9
961082493f092bcc1175d812f6ee5da8d27d935339f27413235e3ca4d498dc94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 17 Sep 2023 12:48:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 17 Sep 2023 03:49:37 GMT
Expires: Sun, 24 Sep 2023 03:49:36 GMT
Etag: "1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9"
Cache-Control: max-age=573232,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8081761d3a4756c3-OSL
GET tzegilo.com/stattag.js
104.21.6.68200 OK 7.4 kB IP 104.21.6.68:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT
File type ASCII text, with very long lines (18369)
Hash 89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ82o%2FyjVr6YOoKdJBIbazE2wQYXGbruPigYsplMH2UjfPlArnfsZ8cs1oYrFZj3oYFF0TVKaOU6MsOtdUqVtFV8X61fhXNNT8GyHEKFjXIrm7xtYZlNp92oJNXMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761b2c3156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/img/pm-avatar.png
146.19.24.15200 OK 2.1 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/img/pm-avatar.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data
Hash be7a1517b84d3548fdb863e78c72a3fe
91a88cc99f02e7ed22274fc3a6f42c6a3148ef0d
bd2021d52dbb110212c08885e0dab9580282334d6f1d1e50b8da0270ce8c475e
GET /templates/3arbserv/img/pm-avatar.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/png
last-modified: Tue, 19 Apr 2016 15:56:34 GMT
accept-ranges: bytes
content-length: 2135
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg
146.19.24.15200 OK 28 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash d0f1b6f789de005946a66ba7aa8b0b17
c39bcacf07b45bca75480337780554c2fd5acbff
bbdafadd5fa2fdaf167a3b38c6704c33b0b93b45e83e1e24c5d2ef0cb08385a3
GET /uploads/thumbs/85620f8be-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:50:29 GMT
accept-ranges: bytes
content-length: 28116
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
GET goomaphy.com/401/6219621
139.45.197.239200 OK 36 kB IP 139.45.197.239:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash c3d6b77e21c46eb78aac9f64a856d8c7
2ad0c1cbb28cce358414dad0472d30b662bd1669
73354a7d392422fe63ab5a324e136ca997de02aaa44654ca4b6c0145aad3b5ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: cab337d3dbabdb0c8fead7f2e1e1dd5b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/articles/b545ee1d.jpg
146.19.24.15200 OK 42 kB URL GET HTTP/2 we20.mycima.cc/uploads/articles/b545ee1d.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 315x420, components 3\012- data
Hash 0de527b05f11acb3db3ddc7f372e611b
b4d78ff7fb1474a85ee5836946bb65cf53a72739
e97d826c0676876d0793dda72d1642013cacf817cd9bdc1dd68db5769a5125ad
GET /uploads/articles/b545ee1d.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:29 GMT
accept-ranges: bytes
content-length: 42125
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg
146.19.24.15200 OK 46 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash c884f6ed155c56eb95238ea0ee044d0f
c674b9ebe7a701c1d032272cc8b2169b28c09d12
40ca90c3f195b7bd6b067d1bbe46e3e28114f512d009470ccc868cd8d3fea828
GET /uploads/thumbs/1118b8d36-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:36:38 GMT
accept-ranges: bytes
content-length: 45895
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg
146.19.24.15200 OK 86 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 0faef4b2d0a328bd093c3d2f200627d0
4c1c5e2e0b38129229c0d430ffd80d8b5a358946
2e39d3cab8e4a4404bbdcd4a9d256203b4a2133c7996dfbaf98e8ad3973504f5
GET /uploads/thumbs/f9e238ab0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 17:20:39 GMT
accept-ranges: bytes
content-length: 86039
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
GET offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
104.22.33.172200 OK 13 kB URL GET HTTP/2 offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP 104.22.33.172:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733
GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4432
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761e9c8509ac-ARN
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg
146.19.24.15200 OK 32 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x384, components 3\012- data
Hash 91ec128a0073110233da7b6e11742d90
f80ee7e7b8f85b8fc1a0b48fae82364b705b7fc5
8ca4d6632c22376f1faa3cf91481f4c12bcb023cf6d5e2419c656b767fbcc205
GET /uploads/thumbs/e2e6838e9-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:38:54 GMT
accept-ranges: bytes
content-length: 31691
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg
146.19.24.15200 OK 58 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 4b31ace36746b98bf6f7eace5e801f48
edb2cffedffdc1d10c582ad10b81c614ac6d58e2
33c51680f3edd13ca38af9a8bb33bc2eebdd60c2d86e9fb23b3e8fb244af4aea
GET /uploads/thumbs/658dd66ef-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sun, 27 Aug 2023 19:23:13 GMT
accept-ranges: bytes
content-length: 58003
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg
146.19.24.15200 OK 50 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x480, components 3\012- data
Hash f4a50033895407e2d7eb26f696b61f54
0634c594d612af5beb935cd4077e9d45d1cccaa7
6317cdd06942692f544a0f793f3c39bdcd1b8cb4dd6f3f182ebc403e1659e73f
GET /uploads/thumbs/d38e1743c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:03:35 GMT
accept-ranges: bytes
content-length: 49925
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg
146.19.24.15200 OK 51 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash b2b0638af77164cf482c3f7325efd3cf
a4feda8561d3c105549d329bd31a29aab780bdbc
e380b73387528ee303eadd1e2933fb201dede118fd442957d18a4a183da285bb
GET /uploads/thumbs/07fc7a97b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:25:50 GMT
accept-ranges: bytes
content-length: 50780
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg
146.19.24.15200 OK 44 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x378, components 3\012- data
Hash 3fd7631c0ffaf56adeea417ae3eae3f3
b923a0fb0f5f05939e966e7bdb6968462798a90f
d4c02ae1a7300d043bbefc1f7de483cda38bf7c2daf971d40257fb36d9489f15
GET /uploads/thumbs/c751cdafa-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:55:04 GMT
accept-ranges: bytes
content-length: 44247
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg
146.19.24.15200 OK 37 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x420, components 3\012- data
Hash fb5e36c77e6170aefd193a916a40f7bc
0c3d58f9c554cfba405405d31d2d16d10762a6d3
79c11967190356a4083a56163aee20300964a2473dd49a071a7e33b415b9d7bd
GET /uploads/thumbs/0202e0ce0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:50:08 GMT
accept-ranges: bytes
content-length: 37070
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/efd491773-1.jpg
146.19.24.15200 OK 35 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/efd491773-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x496, components 3\012- data
Hash c9f6c6f02798ed6572232b01b329d45b
5968ba3c98647af3b25389f8901de28fd9eb6f9f
fe1057a78381504d25cd5aa26a9d895e6abc3e701523788162ac1a4ab81244f7
GET /uploads/thumbs/efd491773-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:19:41 GMT
accept-ranges: bytes
content-length: 34637
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg
146.19.24.15200 OK 54 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x412, components 3\012- data
Hash 44299c9684969fa32d8b9ebb557d82b9
59135b015e29999083b97ccba3e5d0ed5cd294b9
b9130eb3f68cf2db43718a60a8dd2239aa2b17b6296d5a8a4404961be1469c2f
GET /uploads/thumbs/d5a475040-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 18:27:15 GMT
accept-ranges: bytes
content-length: 53560
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg
146.19.24.15200 OK 65 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 853x480, components 3\012- data
Hash 5e987a4e2ad2966bc9721e54f0905470
5c4f7ac27fec56e19401e495ab7806ef6afaa66b
3b09a306d174d37c0fd8b127dbcf861ecf1ed6736a6cbf4e89022cbd8a590a13
GET /uploads/thumbs/3218e9be0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:08:35 GMT
accept-ranges: bytes
content-length: 64945
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg
146.19.24.15200 OK 34 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 1f7fcb4d8ff6752bed06f169b7a8ca31
feb7c063d91a05b5b1b29f8c2f8fd67a900f3f49
07a2a854c08f28cf3332f2971a2138a62ba0ed9812b4c5a1114cc9ce590f0eb1
GET /uploads/thumbs/b4cdd28ff-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:42:51 GMT
accept-ranges: bytes
content-length: 34445
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg
146.19.24.15200 OK 56 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 571da45b4991ceaa9511e94ecaa51c10
1479a7e641948d7eb8cf26c9fee1213dd81e5d28
797871cecff105afb5fe1bfd9d7f6cadae6e2b5fab4dc832f039be6d3a51f196
GET /uploads/thumbs/2bd07ab06-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Tue, 16 May 2023 17:35:46 GMT
accept-ranges: bytes
content-length: 56072
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg
146.19.24.15200 OK 69 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash f1416f40fe61a3b0e6ff4af380cead96
148495233ea5921775332fbe584674c935e33b8d
f1805401c37b916bd327d8ffbb8111a44a660828f4a3e5a1d6443d6a8a391ec0
GET /uploads/thumbs/bbd21def8-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:52:40 GMT
accept-ranges: bytes
content-length: 68686
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg
146.19.24.15200 OK 29 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x479, components 3\012- data
Hash f5c1ca65e6bc49a5e7911e3e1f3a2256
4a7e3155adfca4f467d4f7c959b6663a85f7da1a
311914a8ad4cde15e7473c06f6b4fb4c390da8afbed043f823037493022c7334
GET /uploads/thumbs/bedba2d4b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:01:30 GMT
accept-ranges: bytes
content-length: 29175
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg
146.19.24.15200 OK 18 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 3f3e443dc1e1ddf213b482c03c7fa51e
60f0d515aadd86fea185df5a49257a4ffa7d5331
a692f073e1ec3cc26f2608acf71e92cabed3e39733c38b0c6e3a042cd4c0f4ae
GET /uploads/thumbs/73d8f565b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 10:53:04 GMT
accept-ranges: bytes
content-length: 18037
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg
146.19.24.15200 OK 35 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x432, components 3\012- data
Hash e103e5d079e390c68b74c39e7ff0ab24
8a52b5e6c7c89ad29b1c1e915267c2466a21e351
f590e67e360049325f6734a261dbe881cb9c5ecece6df0ef1580beb5cd3ece4a
GET /uploads/thumbs/0c0cd386c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:14:58 GMT
accept-ranges: bytes
content-length: 35139
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/theme.js
146.19.24.15200 OK 14 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/theme.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type Unicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators
Hash d8176b4cb2798d51558fe707c55d7fbb
2d49a0b8afb91121d20469c210566fb8d21e82d6
497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9
GET /templates/3arbserv/js/theme.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13546
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js
146.19.24.15200 OK 3.3 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (5325), with CRLF line terminators
Hash d30d39ea7362e56afcdb14c1919e36b6
3d8ad768ea89003210bea45e8aacd038bae1ecf1
a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5
GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:42:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/js/jquery.typewatch.js
146.19.24.15200 OK 767 B URL GET HTTP/2 we20.mycima.cc/js/jquery.typewatch.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (1440)
Hash 6915a93382a7b35f40987fd648b43f9d
b78c77cc774594df414a7b1fb99c28083d85bb80
1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b
GET /js/jquery.typewatch.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 767
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg
146.19.24.15200 OK 20 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data
Hash 7fced2a729d516e6e941bfe9b23e9736
5d6406f06b71d4bab2c5d2b3c6c77ab7ac6d6459
2754130bcd959eb1c6f659d69eb65e3f341aa7deab0aad8071732f9e4fd79198
GET /uploads/thumbs/b064231a2-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:23:04 GMT
accept-ranges: bytes
content-length: 20353
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg
146.19.24.15200 OK 20 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x359, components 3\012- data
Hash 921d5bb0e2584d35d2626ec1c5799e1c
04fb3e1f8213cb7bcb08e69d9a0bbd2fdac5bb69
e1eaf14eba43053543c2e08655d0002fb3a5750771931a269bb771292b7910bc
GET /uploads/thumbs/666fcd1a3-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:59:22 GMT
accept-ranges: bytes
content-length: 19712
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
GET goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
139.45.197.239200 OK 43 B URL GET HTTP/2 goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP 139.45.197.239:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/gif
content-length: 43
x-trace-id: b175ca3f4380d916914771ed98908f5a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
104.22.33.172200 OK 13 kB URL GET HTTP/2 offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP 104.22.33.172:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733
GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4437
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081763ab97209ac-ARN
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.106200 OK 17 kB URL GET HTTP/3 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.106:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
File type gzip compressed data, max compression\012- data
Hash fcc7ee5678541adea03770b8cfafd146
e5d4c9d76cabeef9e8faa14ff0ed07bd097396fc
1474e26a5116379d3fa3f65cec9f195f0d826c24891a55a15f39c92dae12405d
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:09 GMT
date: Sun, 17 Sep 2023 12:48:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Sep 2023 04:50:55 GMT
expires: Fri, 13 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 287834
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET we20.mycima.cc/js/bootstrap-notify.min.js
146.19.24.15200 OK 2.5 kB URL GET HTTP/2 we20.mycima.cc/js/bootstrap-notify.min.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type HTML document, ASCII text, with very long lines (595)
Hash 5ba070af9d1b1a2782851940de30879f
d33390fc88bf68bd23eb182d7dbc77f5227081b2
a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450
GET /js/bootstrap-notify.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2489
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/js/melody.dev.js
146.19.24.15200 OK 4.0 kB URL GET HTTP/2 we20.mycima.cc/js/melody.dev.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
Hash e238acf58475d3cdb95d614582134b24
b13c1da1f5254cb14f4f187bd5174ed0feb08a23
f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab
GET /js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4004
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/melody.dev.js
146.19.24.15200 OK 2.1 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/melody.dev.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with CRLF line terminators
Hash c3bde81760af5b3df4d0c56ba06a0fca
ecf2f46def386ad8f62fad28edc36c8440f339cc
c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8
GET /templates/3arbserv/js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2135
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js
146.19.24.15200 OK 5.0 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (343)
Hash f6b6e524d29d54ada53e4172b9d91cf7
427153c7a2d83d2ca800e397779f29b857801ad2
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8
GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Wed, 20 Apr 2016 07:26:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4986
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js
146.19.24.15200 OK 3.6 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type Unicode text, UTF-8 text, with very long lines (5838), with CRLF line terminators
Hash 443045e7fcb603ba92e473b0ec11d2b2
8d9dd41c01b0f2738d6bd1a3984095570bbeb0df
8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702
GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:45:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3596
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
146.19.24.15200 OK 1.1 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Hash 081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02
GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js
146.19.24.15200 OK 6.6 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type ASCII text, with very long lines (27266)
Hash cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840
GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2017 13:47:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6593
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg
146.19.24.15200 OK 46 kB URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Hash d9f516fc9b214e9076e653d4b5398a2f
680740e3d25f40663dc1c9bae4d7ad3f1820bc45
44cc7c473b7d494743760d38adc53d3e697aa76e9af2ffb18da45e4d84c6547c
GET /uploads/thumbs/ac5bcf622-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:26 GMT
accept-ranges: bytes
content-length: 45612
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/img/icon-play-32.png
146.19.24.15200 OK 2.4 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/img/icon-play-32.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 35bd95e97ff446debcc363482550378d
91c8d90e0524e5346aa4f3ae0806893db5d95959
eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75
GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/templates/3arbserv/css/echo.css
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/png
last-modified: Sat, 05 Mar 2022 10:18:44 GMT
accept-ranges: bytes
content-length: 2413
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
146.19.24.15200 OK 1.1 kB URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type HTML document, ASCII text, with very long lines (531), with CRLF line terminators
Hash 081fe3d90aad9b9f11e4b1c0569530df
ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed
98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02
GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c
142.250.74.168200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (3034)
Hash 8b016179bab28c03e0dc5a5e64cc6623
a97e27fe92ae28ac1e6e2c4fa2199a279059f0b8
ace974f9528818690bed82894e728a409f20bdb2d174351c70edc7eabd4075aa
GET /gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:11 GMT
expires: Sun, 17 Sep 2023 12:48:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET we20.mycima.cc/favicons/android-icon-192x192.png
146.19.24.15200 OK 22 kB URL GET HTTP/2 we20.mycima.cc/favicons/android-icon-192x192.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash dcf7d645053c0bb7e0edd25960004324
5951f5ffde7d819e499f69540b0d95cc39d0a8bd
ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700
GET /favicons/android-icon-192x192.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:43:53 GMT
accept-ranges: bytes
content-length: 22310
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/favicons/favicon-16x16.png
146.19.24.15200 OK 1.0 kB URL GET HTTP/2 we20.mycima.cc/favicons/favicon-16x16.png
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f9e3795889ec567bbb1124b6b1f73c8
1587f8e10111dda099a9453850224807334ec44b
c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65
GET /favicons/favicon-16x16.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:44:34 GMT
accept-ranges: bytes
content-length: 1017
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2
POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1366
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 17 Sep 2023 12:49:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://we20.mycima.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
139.45.197.239200 OK 1.3 kB URL GET HTTP/2 goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP 139.45.197.239:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1274), with no line terminators
Hash 6e17b7d85332b8804d3538b9f1b3b185
9bcee71fa5c6b62949b503394a4b113f35e22dc3
5ac25691e6ceb9935cef5615af2be526de5e2dd50bcc04c98458c2a4e7aba3aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: a20e6bbabd7bb33dbdf8f51e67088a17
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://we20.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
OPTIONS goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
139.45.197.239200 OK 0 B URL OPTIONS HTTP/2 goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0
IP 139.45.197.239:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectgoomaphy.com
FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88
ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
GET augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62
139.45.197.243200 OK 2.8 kB URL GET HTTP/2 augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62
IP 139.45.197.243:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3000), with no line terminators
Hash 15d4081207c396c35903d529abe67c37
84ec287352de80de8c7e8a2b494ddb0307635e70
466198692d32ba869cb23179b7f6cffdd67ac146be597ebe26a34705fb2d5ce9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; oaidts=1694954882
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: db4753aa8db0b5e1a7cc2931bd22ee70
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link
139.45.197.243200 OK 2.1 kB URL GET HTTP/2 augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link
IP 139.45.197.243:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectaugailou.com
FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2165), with no line terminators
Hash 8ef7de37d06c541f706c60d6a489a4c7
c427ed51f34b20d449a709d57743743e008ae75e
2c67f210a187fe0468f38e1aafa4d177edcd1cfbf9124d939c7c7aec0c954d15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; oaidts=1694954884; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: 41991764eb57cc4198175b70f8e546cc
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
216.58.207.227200 OK 31 kB URL GET HTTP/2 fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP 216.58.207.227:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File type Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Hash 436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 01:50:03 GMT
expires: Wed, 11 Sep 2024 01:50:03 GMT
cache-control: public, max-age=31536000
age: 471480
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 15 Sep 2023 10:05:24 GMT
expires: Sat, 14 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 182565
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
146.19.24.15200 OK 42 B URL GET HTTP/2 we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
146.19.24.15200 OK 42 B URL GET HTTP/2 we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b5e8704c89f018cff215cb5ed3e0128
2a9fa3661b326c503e492b89cdd9130d12ead03d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
142.250.74.106200 OK 12 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
IP 142.250.74.106:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
Hash 06596cfa2dee431129c328e050b9fb2a
1a991c51ab2b2da5647e83f481e7d18d60a45b3b
bf6fe0ffee1d57731da4d1cf3cfe88e1effa9b36c51a85018a91ed43b91c3de6
GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:02 GMT
date: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET we20.mycima.cc/watch.php?vid=ac5bcf622
146.19.24.15200 OK 121 kB URL User Request GET HTTP/2 we20.mycima.cc/watch.php?vid=ac5bcf622
IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Certificate IssuerLet's Encrypt
Subjectb.mycima.cc
FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
Size 121 kB (121008 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; path=/; secure
watched_video_list=Nzk2OA%3D%3D; expires=Mon, 18-Sep-2023 12:48:01 GMT; Max-Age=86400; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:01 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
GET netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
104.18.11.207200 OK 27 kB URL GET HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (26548)
Hash 0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ce46644f14621522f2593a9762829805
cdn-cache: HIT
cf-cache-status: HIT
age: 1470171
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f2fb0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2