| we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css | 146.19.24.15 | 200 OK | 18 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/bootstrap.min.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with very long lines (65360), with CRLF line terminators
Hash: 057c5534becfdb2d50350cbacfb8fa8c aee8eea23cc9ade1f7e3de672f57a9f79e9e1516 00cce1553100d450fad1142957e5a2c793a1c5ba7877f5a119c704eb6acc1313
GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 09:05:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18184
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css | 146.19.24.15 | 200 OK | 2.2 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/jasny-bootstrap.min.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with very long lines (13803), with CRLF line terminators
Hash: 56a224ccaaf1ad3df6ee7dbbc019aeac 2ce1ef76b342a8fafda1e03a62b99be5340812bf 777a9e5bb5d35fd671e5b252c67a0cf462baa8258db145ef6ea7dadf4de4b481
GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Wed, 20 Apr 2016 09:46:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2228
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/echo.css | 146.19.24.15 | 200 OK | 47 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/echo.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with CRLF line terminators
Hash: ddf860f5b206570261ecc17836030729 ade9251cb8b817c9686a075a15d59f4051e02ddd 992ceb90f0e31207c443dfd7dedcbcb1a0b612d0c9fe851bc838534d035181f7
GET /templates/3arbserv/css/echo.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Fri, 25 Mar 2022 14:00:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46677
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/animate.min.css | 146.19.24.15 | 200 OK | 3.8 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/animate.min.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with very long lines (319)
Hash: 3d0a26b7c254da8c0d297e753ff23f65 877d0bcad6716a05066d9b6dab07e264f631a5f0 f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb
GET /templates/3arbserv/css/animate.min.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 08:00:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3849
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css | 146.19.24.15 | 200 OK | 4.2 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/bootstrap.min.rtl.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with very long lines (540), with CRLF line terminators
Hash: 50650996f24f8595aca871946cf4bfc7 7fa88ac85d0f97dcd3c80c62a62dca78aedf73f2 16725d7575da85e45223fc328ae010003775db250fda7bfdec9dc1e1676437a4
GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:02 GMT
content-type: text/css
last-modified: Thu, 14 Apr 2016 08:16:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4160
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-migrate-1.2.1.min.js | 151.101.194.137 | 200 OK | 3.1 kB |
URL: GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP: 151.101.194.137:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7085)
Hash: eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 17 Sep 2023 12:48:02 GMT
age: 51086
x-served-by: cache-lga21931-LGA, cache-bma1664-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 4874
x-timer: S1694954882.461337,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/social-thumb.php?vid=ac5bcf622 | 146.19.24.15 | 200 OK | 46 kB |
URL: GET HTTP/2 we20.mycima.cc/social-thumb.php?vid=ac5bcf622
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data
Hash: 244d88ff5c401dd494c613d1107ac144 bc58fdd1c408b14e3f588cb46358cc229d8c6e99 3d109519d67f6cabc9b53fd259446310c7bb18cead0a5c62b89708ca5ab9168f
GET /social-thumb.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:02 GMT
content-length: 45790
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 3f690653f247c02a01c2528105aefa1c 49b43e6ae93d42552873e76d5f7fd04d09ef5303 e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be | 146.19.24.15 | 200 OK | 3.3 kB |
URL: GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash: 5f1f76e508e118e2b6923da08a0beb31 fa990fad9b7c500a656059710bf79124d774af60 73f296936db77c63fe1c96e9d08fb2c78dc729a82256b7662c534c7306d37d6c
GET /include/securimage_show.php?sid=4b0156ab894f8bcd18109ad6820296be HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4 | 146.19.24.15 | 200 OK | 3.5 kB |
URL: GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash: 16d1b862dc43cc247d0e87a9e8c40470 2833c002032a8675a043a2439c25ca246799bd03 9eb3182ebb40a81419b8014c1a17bbeb8a9703b610cbb119957a444c1c8e5435
GET /include/securimage_show.php?sid=d4a724075c9c7eecdc9a1d412585f2d4 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb | 146.19.24.15 | 200 OK | 3.5 kB |
URL: GET HTTP/2 we20.mycima.cc/include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: PNG image data, 158 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash: b6cca136f4b8235804b1c450bc610ef4 5ffd92054f0e3d9c81d937a10ec9ae00fdbc3cfb 775c08028bf0eaa54434f3ef3d577bee6ea893e24c4c0e9329f055d75915877a
GET /include/securimage_show.php?sid=5a89543f32e0f7a11ad79bc9a185cdcb HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 Sep 2023 12:48:02GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js | 142.250.74.106 | 200 OK | 34 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP: 142.250.74.106:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38; Validity: Mon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
File type: ASCII text, with very long lines (32038)
Hash: f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 23:43:34 GMT
expires: Wed, 11 Sep 2024 23:43:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 392668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID | 142.250.74.168 | 200 OK | 44 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=GA_MEASUREMENT_ID
IP: 142.250.74.168:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: E6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12; Validity: Mon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type: ASCII text, with very long lines (2271)
Hash: b813346a31fd23c1648e96f1dad17421 14ded76482c44f7b7dd69d88bde9663abf500fa9 277a12880459e6c496c7d9ce700e8eafc1a6b04727329d19084a4527a54ad91a
GET /gtag/js?id=GA_MEASUREMENT_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:02 GMT
expires: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=900
last-modified: Sun, 17 Sep 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| arglingpistole.com/1clkn/55455 | 23.109.82.181 | 200 OK | 26 B |
URL: GET HTTP/1.1 arglingpistole.com/1clkn/55455
IP: 23.109.82.181:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: arglingpistole.com; Fingerprint: 35:EF:B1:4B:FD:22:83:BF:DB:F9:AD:73:52:80:02:1A:30:08:CC:32; Validity: Wed, 16 Aug 2023 12:04:29 GMT - Tue, 14 Nov 2023 12:04:28 GMT
File type: ASCII text, with no line terminators
Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/55455 HTTP/1.1
Host: arglingpistole.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 17 Sep 2023 12:48:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjCC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7B3R; expires=Mon, 18-Sep-2023 12:48:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 3f690653f247c02a01c2528105aefa1c 49b43e6ae93d42552873e76d5f7fd04d09ef5303 e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 3f690653f247c02a01c2528105aefa1c 49b43e6ae93d42552873e76d5f7fd04d09ef5303 e65860a990d88abab1a953c18a8498894fa306c9b8f5218f72379ff51281ba70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| augailou.com/5/6205538 | 139.45.197.243 | 200 OK | 25 kB |
IP: 139.45.197.243:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: augailou.com; Fingerprint: B9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11; Validity: Wed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File type: gzip compressed data, max speed, from Unix\012- data
Hash: fd39566ae03966b65943c7ac89b18e73 acf7bb80f1ec19ed104027ba51a9fa23aa7d20e2 1fc6aa6a644252e32cb1ca7acf64ac9245820642a748361f4a0c93032dd76a7f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/6205538 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript
x-trace-id: bd6861640da9544c4c9e959d894ca8f2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
oaidts=1694954882; expires=Mon, 16 Sep 2024 12:48:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/echo.rtl.css | 146.19.24.15 | 200 OK | 3.6 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/echo.rtl.css
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with CRLF, LF line terminators
Hash: 133de044f542e50c4a5eae2799e148ac c028504cf9a957ca86d7f1a06371fdc085deaace e64aa5acc7482eb1a727ee2962407ce824e6f3cb5e22ceda2f27a0dd72072743
GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Mon, 06 May 2019 06:49:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3601
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2 | 146.19.24.15 | 200 OK | 9.0 kB |
URL: GET HTTP/2 we20.mycima.cc/templates/3arbserv/css/custom2.css?v=2
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: ASCII text, with very long lines (6169), with CRLF line terminators
Hash: 182b715de3f603e8ba4afcbb23998151 195778efe8fbb7292c2bb88fdcf1e74eef6f3653 7b7bf629e95f70350aef2045f55c58e43871de5a1c66f01022e61ee47cefa497
GET /templates/3arbserv/css/custom2.css?v=2 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:03 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:12:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9028
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/custom-logo.png | 146.19.24.15 | 200 OK | 1.7 kB |
URL: GET HTTP/2 we20.mycima.cc/uploads/custom-logo.png
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: PNG image data, 261 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash: 3e53d26a827b96ee64d9acd4e9f6ca8c dce6ba3cd6bb744cbf18af7845d6b2b6656d93d2 7528a0ef939cd8a7234300f5f244b8603a65f252beaa4fb4d69c564ba70c01e0
GET /uploads/custom-logo.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sun, 17 Sep 2023 03:39:49 GMT
accept-ranges: bytes
content-length: 1695
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/images.png | 146.19.24.15 | 200 OK | 5.2 kB |
URL: GET HTTP/2 we20.mycima.cc/images.png
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: PNG image data, 348 x 145, 8-bit colormap, non-interlaced\012- data
Hash: a766d8c1a622eaf6f8c61923eb7b2ffa 0451f3b28a9d3ba5e86db5bf84647b2695d281df c4708018079d00eb69f9401ede6757ad56d2debe193c0e2e5490229d5c4db8ea
GET /images.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/png
last-modified: Sat, 29 Apr 2023 00:41:07 GMT
accept-ranges: bytes
content-length: 5175
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/avatars/avatar795-1.jpg | 146.19.24.15 | 200 OK | 4.8 kB |
URL: GET HTTP/2 we20.mycima.cc/uploads/avatars/avatar795-1.jpg
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate: Issuer: Let's Encrypt; Subject: b.mycima.cc; Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F; Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 120x120, components 3\012- data
Hash: 8d40b6ddc977a84433c3df9117e5e5ed b6502d175ff51f1fa47545cbb7dda578e0197349 34d406af254166de7eaf86cd6754a1a74ea12070ed90d1b9390ed0fce2f10f0f
GET /uploads/avatars/avatar795-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:03 GMT
content-type: image/jpeg
last-modified: Sun, 13 Nov 2022 20:45:32 GMT
accept-ranges: bytes
content-length: 4805
date: Sun, 17 Sep 2023 12:48:03 GMT
X-Firefox-Spdy: h2
|
|
| netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 | 104.18.11.207 | 200 OK | 64 kB |
URL GET HTTP/3 netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 IP 104.18.11.207:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data Hash 4b5a84aaf1c9485e060c503a0ff8cadb 574ea2698c03ae9477db2ea3baf460ee32f1a7ea 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 12:48:03 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 15435a3ac7101f4ad685087d333d146a
cdn-cache: HIT
cf-cache-status: HIT
age: 52142
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 808176185de856a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash 204dc4508682430cea131c8edf8cc1ac 77d2dc085cc97e91bfc621387d0b4ca92fc02851 5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 40 kB |
URL GET HTTP/2 netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP 104.18.11.207:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (31650) Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 11/03/2021 03:23:08
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0b7e42ce5c8ad95295886cdcce8be1f4
cdn-cache: HIT
cf-cache-status: HIT
age: 20851278
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f3fbb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash 204dc4508682430cea131c8edf8cc1ac 77d2dc085cc97e91bfc621387d0b4ca92fc02851 5ab39ba246261d0207aeab582b9782c48a915b3272c3b1daafb171de9b987478
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 12:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP 139.45.195.8:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject rtmark.net Fingerprint B4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1 Validity Tue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT
File type JSON data\012- , ASCII text Hash f1b36cd2b2a6d1b7e24754680d5b0357 323a3f24170b89781803c778798dfc37abacb475 1b6c4571eaf69c30920fce67fdbdcf8a9e64a5eb3323dc9846f1ceb27fc4d690
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.14.101 | | 471 B |
IP 104.18.14.101:0
Hash 7df90fcc6b36f4b949ff35e370871c35 1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9 961082493f092bcc1175d812f6ee5da8d27d935339f27413235e3ca4d498dc94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 17 Sep 2023 12:48:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 17 Sep 2023 03:49:37 GMT
Expires: Sun, 24 Sep 2023 03:49:36 GMT
Etag: "1de826eaa2fb8d1f77c3c2d82ab4faaca0a639f9"
Cache-Control: max-age=573232,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8081761d3a4756c3-OSL
|
|
| tzegilo.com/stattag.js | 104.21.6.68 | 200 OK | 7.4 kB |
IP 104.21.6.68:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Google Trust Services LLC Subject tzegilo.com Fingerprint 42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20 Validity Mon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT
File type ASCII text, with very long lines (18369) Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ82o%2FyjVr6YOoKdJBIbazE2wQYXGbruPigYsplMH2UjfPlArnfsZ8cs1oYrFZj3oYFF0TVKaOU6MsOtdUqVtFV8X61fhXNNT8GyHEKFjXIrm7xtYZlNp92oJNXMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761b2c3156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/img/pm-avatar.png | 146.19.24.15 | 200 OK | 2.1 kB |
URL GET HTTP/2 we20.mycima.cc/templates/3arbserv/img/pm-avatar.png IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type PNG image data, 140 x 140, 8-bit colormap, non-interlaced\012- data Hash be7a1517b84d3548fdb863e78c72a3fe 91a88cc99f02e7ed22274fc3a6f42c6a3148ef0d bd2021d52dbb110212c08885e0dab9580282334d6f1d1e50b8da0270ce8c475e
GET /templates/3arbserv/img/pm-avatar.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/png
last-modified: Tue, 19 Apr 2016 15:56:34 GMT
accept-ranges: bytes
content-length: 2135
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg | 146.19.24.15 | 200 OK | 28 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/85620f8be-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash d0f1b6f789de005946a66ba7aa8b0b17 c39bcacf07b45bca75480337780554c2fd5acbff bbdafadd5fa2fdaf167a3b38c6704c33b0b93b45e83e1e24c5d2ef0cb08385a3
GET /uploads/thumbs/85620f8be-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:50:29 GMT
accept-ranges: bytes
content-length: 28116
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
|
|
| goomaphy.com/401/6219621 | 139.45.197.239 | 200 OK | 36 kB |
IP 139.45.197.239:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject goomaphy.com Fingerprint C3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88 Validity Fri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File type gzip compressed data, max speed, from Unix\012- data Hash c3d6b77e21c46eb78aac9f64a856d8c7 2ad0c1cbb28cce358414dad0472d30b662bd1669 73354a7d392422fe63ab5a324e136ca997de02aaa44654ca4b6c0145aad3b5ab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /401/6219621 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: cab337d3dbabdb0c8fead7f2e1e1dd5b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/articles/b545ee1d.jpg | 146.19.24.15 | 200 OK | 42 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/articles/b545ee1d.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 315x420, components 3\012- data Hash 0de527b05f11acb3db3ddc7f372e611b b4d78ff7fb1474a85ee5836946bb65cf53a72739 e97d826c0676876d0793dda72d1642013cacf817cd9bdc1dd68db5769a5125ad
GET /uploads/articles/b545ee1d.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:29 GMT
accept-ranges: bytes
content-length: 42125
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg | 146.19.24.15 | 200 OK | 46 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/1118b8d36-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash c884f6ed155c56eb95238ea0ee044d0f c674b9ebe7a701c1d032272cc8b2169b28c09d12 40ca90c3f195b7bd6b067d1bbe46e3e28114f512d009470ccc868cd8d3fea828
GET /uploads/thumbs/1118b8d36-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:36:38 GMT
accept-ranges: bytes
content-length: 45895
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg | 146.19.24.15 | 200 OK | 86 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/f9e238ab0-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash 0faef4b2d0a328bd093c3d2f200627d0 4c1c5e2e0b38129229c0d430ffd80d8b5a358946 2e39d3cab8e4a4404bbdcd4a9d256203b4a2133c7996dfbaf98e8ad3973504f5
GET /uploads/thumbs/f9e238ab0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:04 GMT
content-type: image/jpeg
last-modified: Mon, 08 May 2023 17:20:39 GMT
accept-ranges: bytes
content-length: 86039
date: Sun, 17 Sep 2023 12:48:04 GMT
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg | 104.22.33.172 | 200 OK | 13 kB |
URL GET HTTP/2 offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg IP 104.22.33.172:443
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0 Validity Sun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Hash 1355aa125a385056845e0ee1d5384e9a cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea 248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733
GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4432
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081761e9c8509ac-ARN
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg | 146.19.24.15 | 200 OK | 32 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/e2e6838e9-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x384, components 3\012- data Hash 91ec128a0073110233da7b6e11742d90 f80ee7e7b8f85b8fc1a0b48fae82364b705b7fc5 8ca4d6632c22376f1faa3cf91481f4c12bcb023cf6d5e2419c656b767fbcc205
GET /uploads/thumbs/e2e6838e9-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:38:54 GMT
accept-ranges: bytes
content-length: 31691
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg | 146.19.24.15 | 200 OK | 58 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/658dd66ef-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash 4b31ace36746b98bf6f7eace5e801f48 edb2cffedffdc1d10c582ad10b81c614ac6d58e2 33c51680f3edd13ca38af9a8bb33bc2eebdd60c2d86e9fb23b3e8fb244af4aea
GET /uploads/thumbs/658dd66ef-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sun, 27 Aug 2023 19:23:13 GMT
accept-ranges: bytes
content-length: 58003
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg | 146.19.24.15 | 200 OK | 50 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/d38e1743c-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x480, components 3\012- data Hash f4a50033895407e2d7eb26f696b61f54 0634c594d612af5beb935cd4077e9d45d1cccaa7 6317cdd06942692f544a0f793f3c39bdcd1b8cb4dd6f3f182ebc403e1659e73f
GET /uploads/thumbs/d38e1743c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:03:35 GMT
accept-ranges: bytes
content-length: 49925
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg | 146.19.24.15 | 200 OK | 51 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/07fc7a97b-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash b2b0638af77164cf482c3f7325efd3cf a4feda8561d3c105549d329bd31a29aab780bdbc e380b73387528ee303eadd1e2933fb201dede118fd442957d18a4a183da285bb
GET /uploads/thumbs/07fc7a97b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:25:50 GMT
accept-ranges: bytes
content-length: 50780
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg | 146.19.24.15 | 200 OK | 44 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/c751cdafa-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x378, components 3\012- data Hash 3fd7631c0ffaf56adeea417ae3eae3f3 b923a0fb0f5f05939e966e7bdb6968462798a90f d4c02ae1a7300d043bbefc1f7de483cda38bf7c2daf971d40257fb36d9489f15
GET /uploads/thumbs/c751cdafa-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:05 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:55:04 GMT
accept-ranges: bytes
content-length: 44247
date: Sun, 17 Sep 2023 12:48:05 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg | 146.19.24.15 | 200 OK | 37 kB |
URL GET HTTP/2 we20.mycima.cc/uploads/thumbs/0202e0ce0-1.jpg IP 146.19.24.15:443
ASN #201814 Meverywhere sp. z o.o.
Requested by https://we20.mycima.cc/watch.php?vid=ac5bcf622 Certificate Issuer Let's Encrypt Subject b.mycima.cc Fingerprint D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F Validity Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x420, components 3\012- data Hash fb5e36c77e6170aefd193a916a40f7bc 0c3d58f9c554cfba405405d31d2d16d10762a6d3 79c11967190356a4083a56163aee20300964a2473dd49a071a7e33b415b9d7bd
GET /uploads/thumbs/0202e0ce0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:50:08 GMT
accept-ranges: bytes
content-length: 37070
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/efd491773-1.jpg | 146.19.24.15 | 200 OK | 35 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/efd491773-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x496, components 3\012- data Hashc9f6c6f02798ed6572232b01b329d45b 5968ba3c98647af3b25389f8901de28fd9eb6f9f fe1057a78381504d25cd5aa26a9d895e6abc3e701523788162ac1a4ab81244f7
GET /uploads/thumbs/efd491773-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:19:41 GMT
accept-ranges: bytes
content-length: 34637
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg | 146.19.24.15 | 200 OK | 54 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/d5a475040-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x412, components 3\012- data Hash44299c9684969fa32d8b9ebb557d82b9 59135b015e29999083b97ccba3e5d0ed5cd294b9 b9130eb3f68cf2db43718a60a8dd2239aa2b17b6296d5a8a4404961be1469c2f
GET /uploads/thumbs/d5a475040-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 18:27:15 GMT
accept-ranges: bytes
content-length: 53560
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg | 146.19.24.15 | 200 OK | 65 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/3218e9be0-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 853x480, components 3\012- data Hash5e987a4e2ad2966bc9721e54f0905470 5c4f7ac27fec56e19401e495ab7806ef6afaa66b 3b09a306d174d37c0fd8b127dbcf861ecf1ed6736a6cbf4e89022cbd8a590a13
GET /uploads/thumbs/3218e9be0-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 17:08:35 GMT
accept-ranges: bytes
content-length: 64945
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg | 146.19.24.15 | 200 OK | 34 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/b4cdd28ff-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash1f7fcb4d8ff6752bed06f169b7a8ca31 feb7c063d91a05b5b1b29f8c2f8fd67a900f3f49 07a2a854c08f28cf3332f2971a2138a62ba0ed9812b4c5a1114cc9ce590f0eb1
GET /uploads/thumbs/b4cdd28ff-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:06 GMT
content-type: image/jpeg
last-modified: Sun, 30 Apr 2023 15:42:51 GMT
accept-ranges: bytes
content-length: 34445
date: Sun, 17 Sep 2023 12:48:06 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg | 146.19.24.15 | 200 OK | 56 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/2bd07ab06-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash571da45b4991ceaa9511e94ecaa51c10 1479a7e641948d7eb8cf26c9fee1213dd81e5d28 797871cecff105afb5fe1bfd9d7f6cadae6e2b5fab4dc832f039be6d3a51f196
GET /uploads/thumbs/2bd07ab06-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Tue, 16 May 2023 17:35:46 GMT
accept-ranges: bytes
content-length: 56072
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg | 146.19.24.15 | 200 OK | 69 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/bbd21def8-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hashf1416f40fe61a3b0e6ff4af380cead96 148495233ea5921775332fbe584674c935e33b8d f1805401c37b916bd327d8ffbb8111a44a660828f4a3e5a1d6443d6a8a391ec0
GET /uploads/thumbs/bbd21def8-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Sat, 29 Apr 2023 18:52:40 GMT
accept-ranges: bytes
content-length: 68686
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg | 146.19.24.15 | 200 OK | 29 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/bedba2d4b-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x479, components 3\012- data Hashf5c1ca65e6bc49a5e7911e3e1f3a2256 4a7e3155adfca4f467d4f7c959b6663a85f7da1a 311914a8ad4cde15e7473c06f6b4fb4c390da8afbed043f823037493022c7334
GET /uploads/thumbs/bedba2d4b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:01:30 GMT
accept-ranges: bytes
content-length: 29175
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg | 146.19.24.15 | 200 OK | 18 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/73d8f565b-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash3f3e443dc1e1ddf213b482c03c7fa51e 60f0d515aadd86fea185df5a49257a4ffa7d5331 a692f073e1ec3cc26f2608acf71e92cabed3e39733c38b0c6e3a042cd4c0f4ae
GET /uploads/thumbs/73d8f565b-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 10:53:04 GMT
accept-ranges: bytes
content-length: 18037
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg | 146.19.24.15 | 200 OK | 35 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/0c0cd386c-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x432, components 3\012- data Hashe103e5d079e390c68b74c39e7ff0ab24 8a52b5e6c7c89ad29b1c1e915267c2466a21e351 f590e67e360049325f6734a261dbe881cb9c5ecece6df0ef1580beb5cd3ece4a
GET /uploads/thumbs/0c0cd386c-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:07 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 12:14:58 GMT
accept-ranges: bytes
content-length: 35139
date: Sun, 17 Sep 2023 12:48:07 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/theme.js | 146.19.24.15 | 200 OK | 14 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/theme.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeUnicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators Hashd8176b4cb2798d51558fe707c55d7fbb 2d49a0b8afb91121d20469c210566fb8d21e82d6 497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9
GET /templates/3arbserv/js/theme.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13546
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js | 146.19.24.15 | 200 OK | 3.3 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jquery.plugins.a.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeASCII text, with very long lines (5325), with CRLF line terminators Hashd30d39ea7362e56afcdb14c1919e36b6 3d8ad768ea89003210bea45e8aacd038bae1ecf1 a01674489d3ae093a5909246b27d46e09a6f49bc6834094f5febfa056910e0e5
GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:42:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/js/jquery.typewatch.js | 146.19.24.15 | 200 OK | 767 B |
URL GET HTTP/2we20.mycima.cc/js/jquery.typewatch.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeASCII text, with very long lines (1440) Hash6915a93382a7b35f40987fd648b43f9d b78c77cc774594df414a7b1fb99c28083d85bb80 1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b
GET /js/jquery.typewatch.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:08 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 767
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg | 146.19.24.15 | 200 OK | 20 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/b064231a2-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x405, components 3\012- data Hash7fced2a729d516e6e941bfe9b23e9736 5d6406f06b71d4bab2c5d2b3c6c77ab7ac6d6459 2754130bcd959eb1c6f659d69eb65e3f341aa7deab0aad8071732f9e4fd79198
GET /uploads/thumbs/b064231a2-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Thu, 04 May 2023 11:23:04 GMT
accept-ranges: bytes
content-length: 20353
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg | 146.19.24.15 | 200 OK | 20 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/666fcd1a3-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 719x359, components 3\012- data Hash921d5bb0e2584d35d2626ec1c5799e1c 04fb3e1f8213cb7bcb08e69d9a0bbd2fdac5bb69 e1eaf14eba43053543c2e08655d0002fb3a5750771931a269bb771292b7910bc
GET /uploads/thumbs/666fcd1a3-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:08 GMT
content-type: image/jpeg
last-modified: Sat, 06 May 2023 16:59:22 GMT
accept-ranges: bytes
content-length: 19712
date: Sun, 17 Sep 2023 12:48:08 GMT
X-Firefox-Spdy: h2
|
|
| goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 | 139.45.197.239 | 200 OK | 43 B |
URL GET HTTP/2goomaphy.com/impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 IP 139.45.197.239:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectgoomaphy.com FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88 ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impression/nIvrcIG5viI9d4ppA3bNxE00fysMNA2CZa_fOlU3p784AVI4T8srP4KXiiVSPhjpaFVXftyeUOOBGIBmFKp1hoQzcPT8Af8Udjb7KRBwL3jN1jQxySeSlz9Z0RlG-ithoo2cFBx8MQH2-vd2s0nzWOGocPY86yO-0e47kFVKv-A2J1-VG2WbAPllq6BQ1Wv0Xa07LHHpa68Iq4e9QqfAB4oObViRWUHCALF5hiteyrDqtXfv3vFSsEWfaK_vKc4dBus2s-ZkYbfH45rlr9YleWNc9easGZglZ38MVyzY8qspV-SYiug-dPPAW1XhZRcT1QWKNbBFeOsfqKR_ewQ4VkaWTNUZ-1mLtJDZienLIsA8OSBBSuDoXoKXuQG1SIuSrBPOOhveErqNp4i5Edb7bBk5DLhH4N2tpLfz_GpaMCfWTccO9dKF5MJkrS9dxID-gK6ooe_ZlcpGmTyPElu-sNIR4WW3DmtcG3IoK8IDm-pk-sIUvsFZJROmNPwheDpHMFzXjBIEMBKR_ynJrcsD_6TSQqbHYPlhS7OGpNrypwo3771pE3yMg_s7aVSIGheBHEx9fPFc98YhyfKMg2QYPQ==?_z=6219621&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/gif
content-length: 43
x-trace-id: b175ca3f4380d916914771ed98908f5a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg | 104.22.33.172 | 200 OK | 13 kB |
URL GET HTTP/2offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg IP 104.22.33.172:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0 ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Hash1355aa125a385056845e0ee1d5384e9a cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea 248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733
GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:09 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Mon, 18 Sep 2023 11:34:12 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4437
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8081763ab97209ac-ARN
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.106 | 200 OK | 17 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP 142.250.74.106:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38 ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
File typegzip compressed data, max compression\012- data Hashfcc7ee5678541adea03770b8cfafd146 e5d4c9d76cabeef9e8faa14ff0ed07bd097396fc 1474e26a5116379d3fa3f65cec9f195f0d826c24891a55a15f39c92dae12405d
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:09 GMT
date: Sun, 17 Sep 2023 12:48:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Sep 2023 04:50:55 GMT
expires: Fri, 13 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 287834
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/js/bootstrap-notify.min.js | 146.19.24.15 | 200 OK | 2.5 kB |
URL GET HTTP/2we20.mycima.cc/js/bootstrap-notify.min.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeHTML document, ASCII text, with very long lines (595) Hash5ba070af9d1b1a2782851940de30879f d33390fc88bf68bd23eb182d7dbc77f5227081b2 a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450
GET /js/bootstrap-notify.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2489
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/js/melody.dev.js | 146.19.24.15 | 200 OK | 4.0 kB |
URL GET HTTP/2we20.mycima.cc/js/melody.dev.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
Hashe238acf58475d3cdb95d614582134b24 b13c1da1f5254cb14f4f187bd5174ed0feb08a23 f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab
GET /js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 13:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4004
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/melody.dev.js | 146.19.24.15 | 200 OK | 2.1 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/melody.dev.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeASCII text, with CRLF line terminators Hashc3bde81760af5b3df4d0c56ba06a0fca ecf2f46def386ad8f62fad28edc36c8440f339cc c6f149f7dcbe38ff7b1391b1fab3462f06309f79df7bf9135ba1e75b13189af8
GET /templates/3arbserv/js/melody.dev.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2019 08:11:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2135
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js | 146.19.24.15 | 200 OK | 5.0 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jasny-bootstrap.min.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeASCII text, with very long lines (343) Hashf6b6e524d29d54ada53e4172b9d91cf7 427153c7a2d83d2ca800e397779f29b857801ad2 e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8
GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Wed, 20 Apr 2016 07:26:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4986
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js | 146.19.24.15 | 200 OK | 3.6 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jquery.plugins.b.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeUnicode text, UTF-8 text, with very long lines (5838), with CRLF line terminators Hash443045e7fcb603ba92e473b0ec11d2b2 8d9dd41c01b0f2738d6bd1a3984095570bbeb0df 8084ff37c531acc28e0fa45ecb19d9a3c846a91f1b2e101801a9dada0cd31702
GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:09 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2019 09:45:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3596
date: Sun, 17 Sep 2023 12:48:09 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js | 146.19.24.15 | 200 OK | 1.1 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeHTML document, ASCII text, with very long lines (531), with CRLF line terminators Hash081fe3d90aad9b9f11e4b1c0569530df ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed 98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02
GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js | 146.19.24.15 | 200 OK | 6.6 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jquery.cropit.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeASCII text, with very long lines (27266) Hashcd82e0edbcecf087be901e8e7ed0d035 2cedce9f87501152efa36eb1949d95c0ca4ff200 b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840
GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2017 13:47:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6593
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg | 146.19.24.15 | 200 OK | 46 kB |
URL GET HTTP/2we20.mycima.cc/uploads/thumbs/ac5bcf622-1.jpg IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 720x404, components 3\012- data Hashd9f516fc9b214e9076e653d4b5398a2f 680740e3d25f40663dc1c9bae4d7ad3f1820bc45 44cc7c473b7d494743760d38adc53d3e697aa76e9af2ffb18da45e4d84c6547c
GET /uploads/thumbs/ac5bcf622-1.jpg HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/jpeg
last-modified: Sun, 28 May 2023 09:00:26 GMT
accept-ranges: bytes
content-length: 45612
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/img/icon-play-32.png | 146.19.24.15 | 200 OK | 2.4 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/img/icon-play-32.png IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Hash35bd95e97ff446debcc363482550378d 91c8d90e0524e5346aa4f3ae0806893db5d95959 eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75
GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/templates/3arbserv/css/echo.css
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:10 GMT
content-type: image/png
last-modified: Sat, 05 Mar 2022 10:18:44 GMT
accept-ranges: bytes
content-length: 2413
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js | 146.19.24.15 | 200 OK | 1.1 kB |
URL GET HTTP/2we20.mycima.cc/templates/3arbserv/js/jquery.readmore.js IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typeHTML document, ASCII text, with very long lines (531), with CRLF line terminators Hash081fe3d90aad9b9f11e4b1c0569530df ff566498ce6f25f4a3b28c0e2bb92b6b86fea6ed 98e825583e6fb4f7e8a65f9063fb7ea2d34aee8f9aa480dfee285ea27f4fca02
GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 16 Sep 2024 12:48:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Oct 2015 08:29:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1147
date: Sun, 17 Sep 2023 12:48:10 GMT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 86 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c IP 142.250.74.168:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12 ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File typeASCII text, with very long lines (3034) Hash8b016179bab28c03e0dc5a5e64cc6623 a97e27fe92ae28ac1e6e2c4fa2199a279059f0b8 ace974f9528818690bed82894e728a409f20bdb2d174351c70edc7eabd4075aa
GET /gtag/js?id=G-VSQY3XNP44&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:11 GMT
expires: Sun, 17 Sep 2023 12:48:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| we20.mycima.cc/favicons/android-icon-192x192.png | 146.19.24.15 | 200 OK | 22 kB |
URL GET HTTP/2we20.mycima.cc/favicons/android-icon-192x192.png IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hashdcf7d645053c0bb7e0edd25960004324 5951f5ffde7d819e499f69540b0d95cc39d0a8bd ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700
GET /favicons/android-icon-192x192.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:43:53 GMT
accept-ranges: bytes
content-length: 22310
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/favicons/favicon-16x16.png | 146.19.24.15 | 200 OK | 1.0 kB |
URL GET HTTP/2we20.mycima.cc/favicons/favicon-16x16.png IP 146.19.24.15:443
ASN#201814 Meverywhere sp. z o.o.
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectb.mycima.cc FingerprintD5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F ValiditySat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash2f9e3795889ec567bbb1124b6b1f73c8 1587f8e10111dda099a9453850224807334ec44b c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65
GET /favicons/favicon-16x16.png HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D; prefetchAd_6205538=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
expires: Tue, 17 Oct 2023 12:48:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 13:44:34 GMT
accept-ranges: bytes
content-length: 1017
date: Sun, 17 Sep 2023 12:48:11 GMT
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f IP 139.45.195.254:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerSectigo Limited Subjectfleraprt.com FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9 ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1366
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 17 Sep 2023 12:49:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://we20.mycima.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 | 139.45.197.239 | 200 OK | 1.3 kB |
URL GET HTTP/2goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 IP 139.45.197.239:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectgoomaphy.com FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88 ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1274), with no line terminators Hash6e17b7d85332b8804d3538b9f1b3b185 9bcee71fa5c6b62949b503394a4b113f35e22dc3 5ac25691e6ceb9935cef5615af2be526de5e2dd50bcc04c98458c2a4e7aba3aa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=48a4ac2ee8be4a2eb91081f69aa972b2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/javascript
x-trace-id: a20e6bbabd7bb33dbdf8f51e67088a17
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://we20.mycima.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 | 139.45.197.239 | 200 OK | 0 B |
URL OPTIONS HTTP/2goomaphy.com/500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 IP 139.45.197.239:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectgoomaphy.com FingerprintC3:74:51:BB:A3:86:76:B1:BF:E9:5F:7B:8B:6D:B9:FA:A5:A9:BF:88 ValidityFri, 25 Aug 2023 05:21:05 GMT - Thu, 23 Nov 2023 05:21:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/6219621?excludes=&oaid=e5b077e21ac240c684b93eaba21d6b62&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=5&sw_version=v1.298.0 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62 | 139.45.197.243 | 200 OK | 2.8 kB |
URL GET HTTP/2augailou.com/5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62 IP 139.45.197.243:443
Requested byhttps://we20.mycima.cc/watch.php?vid=ac5bcf622 CertificateIssuerLet's Encrypt Subjectaugailou.com FingerprintB9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11 ValidityWed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3000), with no line terminators Hash15d4081207c396c35903d529abe67c37 84ec287352de80de8c7e8a2b494ddb0307635e70 466198692d32ba869cb23179b7f6cffdd67ac146be597ebe26a34705fb2d5ce9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5/6205538/?abt_opts=1&js_build=iclick-v1.599.0&userId=e5b077e21ac240c684b93eaba21d6b62 HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Cookie: OAID=b1fc44b672ce4b62a72686d5608a2b19; oaidts=1694954882
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: db4753aa8db0b5e1a7cc2931bd22ee70
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link | 139.45.197.243 | 200 OK | 2.1 kB |
URL: GET HTTP/2 augailou.com/?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link
IP: 139.45.197.243:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Let's Encrypt
Certificate Subject: augailou.com
Certificate Fingerprint: B9:7E:0E:C7:F9:64:DD:50:AA:09:D2:00:44:48:A2:F6:11:81:7B:11
Certificate Validity: Wed, 09 Aug 2023 05:27:59 GMT - Tue, 07 Nov 2023 05:27:58 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2165), with no line terminators
Hash: 8ef7de37d06c541f706c60d6a489a4c7 c427ed51f34b20d449a709d57743743e008ae75e 2c67f210a187fe0468f38e1aafa4d177edcd1cfbf9124d939c7c7aec0c954d15
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?rb=rMlaKSI7YRG1vIMlShqwRCru5LCpCtq_kIB7ABew7EiXs4zRNaccEx9Wo1pH3utT_A-6fM0zVhTrEBFC4PKPshr5sAmfmNiWc6jeFfFwGaKg427RB4H-3axI3v3ieZNP0lZHz0uzY7-Ij1hcEP2_4oVb99PeNzZ6PRM6aPMdtj8DfcAJFrjC6792h0RbuTsVqylsWPc3-l-y0wGahTtFd8ruuhNtR0aK&request_ab2=150011&zoneid=6205538&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fwe20.mycima.cc%2Fwatch.php%3Fvid%3Dac5bcf622&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.599.0&bs=44f6a01c-3672-43c4-b832-462845394783&userId=e5b077e21ac240c684b93eaba21d6b62&m=link HTTP/1.1
Host: augailou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://we20.mycima.cc/
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; oaidts=1694954884; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 12:48:04 GMT
content-type: application/json
x-trace-id: 41991764eb57cc4198175b70f8e546cc
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://we20.mycima.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e5b077e21ac240c684b93eaba21d6b62; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
oaidts=1694954884; expires=Mon, 16 Sep 2024 12:48:04 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 24 Sep 2023 12:48:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2 | 216.58.207.227 | 200 OK | 31 kB |
URL: GET HTTP/2 fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP: 216.58.207.227:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: AB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
Certificate Validity: Mon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File type: Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Hash: 436938da6ed799ca17110e719e4d2e51 b7ef31b6085a9f0963dffe7939abca527724d389 a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 12 Sep 2023 01:50:03 GMT
expires: Wed, 11 Sep 2024 01:50:03 GMT
cache-control: public, max-age=31536000
age: 471480
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: AB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
Certificate Validity: Mon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we20.mycima.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 15 Sep 2023 10:05:24 GMT
expires: Sat, 14 Sep 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 182565
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1 | 146.19.24.15 | 200 OK | 42 B |
URL: GET HTTP/2 we20.mycima.cc/ajax.php?p=stats&do=show&aid=2&at=1
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Let's Encrypt
Certificate Subject: b.mycima.cc
Certificate Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
Certificate Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: 9b5e8704c89f018cff215cb5ed3e0128 2a9fa3661b326c503e492b89cdd9130d12ead03d b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
GET /ajax.php?p=stats&do=show&aid=2&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1 | 146.19.24.15 | 200 OK | 42 B |
URL: GET HTTP/2 we20.mycima.cc/ajax.php?p=stats&do=show&aid=3&at=1
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Let's Encrypt
Certificate Subject: b.mycima.cc
Certificate Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
Certificate Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: 9b5e8704c89f018cff215cb5ed3e0128 2a9fa3661b326c503e492b89cdd9130d12ead03d b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
GET /ajax.php?p=stats&do=show&aid=3&at=1 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; watched_video_list=Nzk2OA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
pragma: no-cache
content-type: image/gif
expires: Wed, 5 Feb 1986 06:06:06 GMT
cache-control: must-revalidate
date: Sun, 17 Sep 2023 12:48:02 GMT
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 | 142.250.74.106 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700
IP: 142.250.74.106:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
Certificate Validity: Mon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT
Hash: 06596cfa2dee431129c328e050b9fb2a 1a991c51ab2b2da5647e83f481e7d18d60a45b3b bf6fe0ffee1d57731da4d1cf3cfe88e1effa9b36c51a85018a91ed43b91c3de6
GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 17 Sep 2023 12:48:02 GMT
date: Sun, 17 Sep 2023 12:48:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| we20.mycima.cc/watch.php?vid=ac5bcf622 | 146.19.24.15 | 200 OK | 121 kB |
URL: User Request GET HTTP/2 we20.mycima.cc/watch.php?vid=ac5bcf622
IP: 146.19.24.15:443
ASN: #201814 Meverywhere sp. z o.o.
Certificate Issuer: Let's Encrypt
Certificate Subject: b.mycima.cc
Certificate Fingerprint: D5:83:33:24:9D:EB:ED:6B:75:2D:F0:FB:74:85:CC:38:46:41:49:4F
Certificate Validity: Sat, 16 Sep 2023 22:01:27 GMT - Fri, 15 Dec 2023 22:01:26 GMT
Size: 121 kB (121008 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.php?vid=ac5bcf622 HTTP/1.1
Host: we20.mycima.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=61bca3f27b6fcc2032f007e926a13564; path=/; secure
watched_video_list=Nzk2OA%3D%3D; expires=Mon, 18-Sep-2023 12:48:01 GMT; Max-Age=86400; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 12:48:01 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 27 kB |
URL: GET HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP: 104.18.11.207:443
Requested by: https://we20.mycima.cc/watch.php?vid=ac5bcf622
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Certificate Validity: Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type: ASCII text, with very long lines (26548)
Hash: 0831cba6a670e405168b84aa20798347 05ea25bc9b3ac48993e1fee322d3bc94b49a6e22 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://we20.mycima.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 12:48:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ce46644f14621522f2593a9762829805
cdn-cache: HIT
cf-cache-status: HIT
age: 1470171
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8081760f2fb0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|