Report - mycima18.wecima.watch/profile/admin/

Report Overview

Visited public
2023-10-28 10:00:42
Tags
URL
mycima18.wecima.watch/profile/admin/
Finishing URL
mycima18.wecima.watch/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
مشاهدة ماى سيما MYCIMA وى سيما WECIMA افلام و مسلسلات اون لاين - وى سيما wecima ماى سيما mycima

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mycima18.wecima.watch	unknown	unknown	No data	No data	24 kB	2.5 MB	188.114.97.1
alteredyacht.com	unknown	2023-08-22	2023-08-22 03:51:26	2023-10-26 07:55:00	443 B	24 kB	173.233.139.164
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-10-27 18:28:54	541 B	489 B	139.45.195.254
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-10-27 18:36:19	745 B	423 B	192.243.59.13
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-10-27 18:28:13	450 B	430 B	3.73.202.184
wecima.tube	unknown	2023-02-02	2023-02-02 03:54:18	2023-10-25 15:12:59	464 B	6.2 kB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-27 19:07:13	893 B	155 kB	142.250.74.168
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10 07:20:21	2023-10-27 19:16:06	2.7 kB	1.6 MB	172.64.147.188
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-10-27 18:28:13	477 B	750 B	139.45.195.8
inklinkor.com	unknown	2022-04-01	2022-04-01 13:44:00	2023-10-27 22:02:01	406 B	29 kB	104.21.91.63
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-27 18:55:07	2.7 kB	62 kB	216.58.207.227
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-10-27 18:36:17	421 B	839 B	172.67.219.12
cameesse.net	unknown	2023-10-18	2023-10-18 14:31:33	2023-10-27 20:21:56	2.2 kB	439 kB	139.45.197.242
lr.bezoarschrysid.com	unknown	2023-09-21	2023-09-21 14:20:55	2023-10-25 15:12:37	425 B	1.4 kB	23.109.82.220
gishejuy.com	unknown	2023-10-25	2023-10-25 15:14:32	2023-10-27 19:32:43	406 B	163 kB	139.45.197.242
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-10-27 18:36:17	409 B	86 kB	172.64.163.2
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-10-27 18:28:51	406 B	20 kB	104.21.11.245
groorsoa.net	unknown	2023-10-23	2023-10-24 03:50:52	2023-10-27 22:03:13	472 B	4.2 kB	139.45.197.245
braceletdistraughtpoll.com	unknown	2023-10-10	2023-10-10 11:34:51	2023-10-27 11:06:50	501 B	467 B	173.233.137.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-28	medium	braceletdistraughtpoll.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-28	medium	fleraprt.com	Sinkholed
2023-10-27	medium	gishejuy.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-28	medium	unseenreport.com	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed
2023-10-27	medium	cameesse.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.163.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:50 Times Seen340773 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	cameesse.net/1?z=4807448	ScriptElement	43 kB	2024-08-20	2024-08-20
Pretty URL cameesse.net/1?z=4807448 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 22:04 Last Seen2024-08-20 22:04 Times Seen1 Hash a41fedcf3da95bc37dee80dfada39219 21cc20ce07ee65735bf73c31cdb9fdbff72c80d2 b49cd970cd2a1ed9598b48f54f669015beead8e0cd4c4d7d20fa690764c35c63 Loading...

	cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04	ScriptElement	412 kB	2023-10-19	2024-08-21
Pretty URL cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 14:32 Last Seen2024-08-21 04:07 Times Seen290 Hash e3d10345a5e4f16d7842e70768393edd 96f2cc5910d6179f94a71eb9710d24504bb4b5c8 105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-10 03:48 Times Seen112390 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2	ScriptElement	153 kB	2023-03-25	2024-08-21
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 21:52 Last Seen2024-08-21 08:31 Times Seen84 Hash 01d86e0593e8805ec600bce502493839 7de61d6bc3f856ed4643c4d9ed9d843ac3277b4e 4f7d4554a7292450b3ff6ae2142e033a0daf173134a052a6681921f8270ca9be Loading...

	www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3	ScriptElement	266 kB	2023-10-28	2023-10-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen1 Hash 8ea9b77314d554a856bcbbb447769dab 1e800728be0747d4523b416b9583a7526642afa5 d465735832b15c6fd0246d1b565e59faa93c27b27a23c50a43ee174be6f53ad2 Loading...

	alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js	ScriptElement	60 kB	2023-10-28	2023-10-28
Pretty URL alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen1 Hash 2ebcb159b2e5babdecec8d8593d4abee 41bab7fd767822c9730d35d1c23a8b94069be288 d4863965ff53bc2d7faa48f5aa11df6a2ef513100bf2980a9fa8754721086efe Loading...

	www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c	ScriptElement	177 kB	2023-10-28	2023-10-28
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 12:00 Last Seen2023-10-28 12:00 Times Seen2 Hash a9b5f98ce35acfc362618f449e774761 106f954ba8c14a89112301902d41a2fa732b3c75 bb798e09962c670d2597b700e9d39117d3e760c795c49b11617db9c448908d00 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL banquetunarmedgrater.com/advertisers.js IP 172.67.219.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 03:57 Times Seen4640835 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gishejuy.com/400/5097541	ScriptElement	82 kB	2024-08-20	2024-08-20
Pretty URL gishejuy.com/400/5097541 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 22:04 Last Seen2024-08-20 22:04 Times Seen1 Hash 3dfaffdf64ad6a929e3131d4418c8434 8ad32fbe92e2607183c0d5b18788c81d3583a4c1 3e40a6098a32c33c6a4bee3894f0dd4cee7bec0109ad4cb4b4cbee076d361396 Loading...

	mycima18.wecima.watch/	ScriptElement	158 B	2023-03-25	2025-04-09
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 21:52 Last Seen2025-04-09 05:14 Times Seen116 Hash d8df6d4045b4e1124661b5df5086c10e c17b97603a604f539a451c6d001308b0654b909c b9848daa1b8d843e20a1540f95910ea8e5190b6e22ba895ed2d1ab380f7c48d1 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-05-07 10:21 Times Seen271 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	mycima18.wecima.watch/	ScriptElement	815 B	2023-10-28	2024-08-20
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 12:00 Last Seen2024-08-20 22:04 Times Seen5 Hash c72a96cbf849c2c906117b2a0a5ff599 d769a0401c8f549410879242a2c996f9d2ac7cb0 cc7eba7acb2260a29c8c1a914e283a86cd6cb3058c1fd2e817982f9f7324f751 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-10 03:48 Times Seen263451 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	inklinkor.com/tag.min.js	ScriptElement	81 kB	2023-10-27	2023-11-01
Pretty URL inklinkor.com/tag.min.js IP 104.21.91.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 12:46 Last Seen2023-11-01 02:14 Times Seen277 Hash dcdb74a84033cb062fac67d00d2131b9 de814a6a30d0a96261ace16dfe5c199140c575ca 0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066 Loading...

	mycima18.wecima.watch/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL mycima18.wecima.watch/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 03:50 Times Seen341573 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2	ScriptElement	95 kB	2023-03-07	2025-04-09
Pretty URL mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-04-09 05:14 Times Seen125 Hash fcdee094e98d38fe380e1b5aad9bf444 d0ea8bb98673c7daa2da3af292eeea39a4f7479a ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488 Loading...

	mycima18.wecima.watch/	ScriptElement	193 B	2023-05-27	2025-04-01
Pretty URL mycima18.wecima.watch/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 13:08 Last Seen2025-04-01 06:42 Times Seen144 Hash 82455ac64431deea965cf4b1ffc05c92 9f35df08bd07430163df6795cb73e39c98848019 2b084b56d488c9519ac67d0da4aa9d1488d51fbb731ecf657cd231975213ed51 Loading...

HTTP Transactions (69)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (3651)
Size
89 kB (89187 bytes)
Hash
8ea9b77314d554a856bcbbb447769dab
1e800728be0747d4523b416b9583a7526642afa5
d465735832b15c6fd0246d1b565e59faa93c27b27a23c50a43ee174be6f53ad2

HTTP Headers

GET /gtag/js?id=G-6JHTFKY3P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Oct 2023 10:00:21 GMT
expires: Sat, 28 Oct 2023 10:00:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334

23.109.82.220

200 OK

20 B

URL GET HTTP/1.1
lr.bezoarschrysid.com/rYwzTSZUOMXA4Xx/40334
IP
23.109.82.220:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectlr.bezoarschrysid.com
FingerprintAA:74:92:8E:74:AC:52:42:E8:8F:17:9F:F3:75:7A:BE:68:26:94:FA
ValidityThu, 21 Sep 2023 11:19:49 GMT - Wed, 20 Dec 2023 11:19:48 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /rYwzTSZUOMXA4Xx/40334 HTTP/1.1
Host: lr.bezoarschrysid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Oct 2023 10:00:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mycima18.wecima.watch
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 29-Oct-2023 10:00:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 29-Oct-2023 10:00:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.227

200 OK

9.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9864, version 1.0\012- data
Size
9.9 kB (9864 bytes)
Hash
9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 10:31:10 GMT
expires: Sat, 26 Oct 2024 10:31:10 GMT
cache-control: public, max-age=31536000
age: 84551
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19984, version 1.0\012- data
Size
20 kB (19984 bytes)
Hash
0db10b5d1f471ef6c3a30158ff403106
ea993e87704687d1399a3b1fd79aa84c47659c82
e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a

HTTP Headers

GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Oct 2023 01:27:49 GMT
expires: Sun, 27 Oct 2024 01:27:49 GMT
cache-control: public, max-age=31536000
age: 30752
last-modified: Tue, 01 Sep 2020 03:51:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10580, version 1.0\012- data
Size
11 kB (10580 bytes)
Hash
245d8f75ea8c5799e5de85a8a7bd4172
7f546a6c551e87bb224124789c11fdb2f6429479
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 11:06:38 GMT
expires: Sat, 26 Oct 2024 11:06:38 GMT
cache-control: public, max-age=31536000
age: 82423
last-modified: Tue, 16 Jul 2019 03:31:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.227

200 OK

8.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8948, version 1.0\012- data
Size
8.9 kB (8948 bytes)
Hash
3ca4aaa12ffa2e1f165db59f857ee5b0
1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Oct 2023 15:28:53 GMT
expires: Sun, 20 Oct 2024 15:28:53 GMT
cache-control: public, max-age=31536000
age: 585088
last-modified: Tue, 16 Jul 2019 03:31:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8488, version 1.0\012- data
Size
8.5 kB (8488 bytes)
Hash
b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 22:21:21 GMT
expires: Sat, 26 Oct 2024 22:21:21 GMT
cache-control: public, max-age=31536000
age: 41940
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 175x230, components 3\012- data
Size
13 kB (13014 bytes)
Hash
a11439d7cb4dfa46224057206285d00a
f0d3e2571be0c78fdadfffeb56017a89706ddc98
b5e16494e8906f1685aa6d60c3fcd64a66bc8cb5ad5d43a2b6409b013ca999fa

HTTP Headers

GET /wp-content/uploads/2020/04/MV5BMDlmMjBjZTgtYzdmNS00OTFmLWI0YjktMTM0ZWJlOWFmN2UwXkEyXkFqcGdeQXVyNjM0MTMyNjc@._V1_UY1200842382472-175x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 13014
last-modified: Wed, 12 May 2021 23:03:10 GMT
etag: "609c5eae-32d6"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCa13recSYiN5QA048M8VE7Wzg%2BKWC57epHO06e6vhikJzyf%2BEdzkaQaRkPqx3pDofbThLtXhGW7aj%2BpIN%2FYo0J6RFPLkzYCbHgBUmm7yLlkhsynrrAsXpFZDXEfAw1%2BC0%2BH3qyWXOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0ce2e569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 190x213, components 3\012- data
Size
13 kB (12711 bytes)
Hash
e7bf63a945e02ec5104652b19e5e9591
3a0d04bceee54e6a86345a800cdfb0dbbf81b8b0
e94795c7c33a70a41a75edc3c2c0ff9fa544cbc5fc60f3f43cc90b6a69e5dd16

HTTP Headers

GET /wp-content/uploads/2022/01/%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D9%85%D9%86-%D8%A3%D9%86%D8%AA-%D8%A3%D9%8A%D9%87%D8%A7-%D8%A7%D9%84%D9%85%D9%82%D9%86%D8%B9-190x213.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 12711
last-modified: Sun, 02 Jan 2022 21:31:46 GMT
etag: "61d219c2-31a7"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukmwoUpJzYH7btWBoD9yl8VXUwVOed4cT9Nh6EoYZHQD0ImotKmCIjlNhTEU8pb9vRXigTXIFA%2BViuFnJOqxPux7V%2Feuz%2BJ6BnlVEMn7B5Vb1XdikHMlfJlTPniUM5TNkwIji0l1LUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de30569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg

188.114.97.1

200 OK

10 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 161x230, components 3\012- data
Size
10 kB (10126 bytes)
Hash
6040acacdb10e7e62d804fdd354adec4
78236fdc48577de04e806b3274a1e4e59ddb475d
a4c3b0133433ef1d7ecf6dcffb53cc3aced0ebcfe3d5ed09dfea06e6516e5679

HTTP Headers

GET /wp-content/uploads/2023/02/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%A8%D8%A7%D9%84%D8%B7%D9%88-2023-161x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 10126
last-modified: Wed, 22 Feb 2023 09:41:35 GMT
etag: "63f5e34f-278e"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDNiU1c2jy00MYQWwH51d3PkE1qZeUuvz%2Bk9krCIV9DQGNQky7z6OT2EgUgoAS2qvLzGVsTXgte61qgld5WP%2BecZAyZ5CQLPuMu%2B%2F5%2Fr%2BGTTPOjSfkmZM4qg3SeVaeGqQgJ%2B4EEP3bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de36569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 160x230, components 3\012- data
Size
11 kB (10751 bytes)
Hash
5c10b9f12a3fece56f5d97af5bf98286
da7c67fa9b2d6d0bcbb97c0d292720cdd69a763e
cca27b22b031817832cffcf77e5fec71ed9994646bd66292c20bb40db0351953

HTTP Headers

GET /wp-content/uploads/2020/04/MV5BMjAzYzUwYmQtNDg5ZC00ZDk5LTgwNmUtOGQwYzMzZmVmYzBkXkEyXkFqcGdeQXVyMzkwMTMxNDQ@._V1_UY12001829870114-160x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 10751
last-modified: Wed, 12 May 2021 23:03:26 GMT
etag: "609c5ebe-29ff"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bHmj2fkL0mdZArll954tstRZvdkEo49kL1i2i0KFakl56MGgBv5n%2BKCAFQe44upg%2BxP4mAck%2FBvwFubH%2FYgZlUG9RZlaATDB5VlmSiE9zxVZAnsIcbnwCnnZHFd3ExDy1hfahZW%2FMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de32569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x300, components 3\012- data
Size
11 kB (11025 bytes)
Hash
8d86325b59adebbd2d6ea02ea1c228e4
8c8dacdce14e73bbe790611e7c98a1d60557a1ff
d7e40a619c424f15076931e268394119f2dfc60d3235209b3204e46e62c542ec

HTTP Headers

GET /wp-content/uploads/2019/07/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-Easy-Virtue-2008-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-206x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 11025
last-modified: Sat, 08 Feb 2020 22:49:23 GMT
etag: "5e3f3af3-2b11"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cAUN9CJ2UtwE3SZgQqBpxesXHHPyV9K0OxgGwMMr%2F0HPdPrssV9dZ30g7DNCiCFcazurR20sqRi5tjVbT5eFTEflxTZN43CUNBAvPOITiCnrm3UIjPH%2F%2B4NRwRwDQTE3hzc8uzkdQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de34569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg

188.114.97.1

200 OK

7.8 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 156x230, components 3\012- data
Size
7.8 kB (7787 bytes)
Hash
99ab040939bffa5901fd39d871b18ff2
8a7cba6308bc1e5a44fc6531b72d0d47bcad1e7f
773e18cfee121c4a67741af4c977f3d594b316fe6b34866cd549efa565db1191

HTTP Headers

GET /wp-content/uploads/2023/01/%D9%85%D8%B3%D9%84%D8%B3%D9%84-The-Last-of-Us-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-156x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 7787
last-modified: Sun, 15 Jan 2023 08:30:49 GMT
etag: "63c3b9b9-1e6b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wII5rv2SPX1QxoZ2hps9ckUvC1swzro0TfhFaFt9MJFWFUdTgdhqT3tqjEaGn5qw%2FOkZLNHhVnAFCMifAnq%2BUSqddU8IOVri38YLmG%2FY7lYMErjcSUcHjPP7rLqePnutEe%2B1ixfaKVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de39569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/04/tt8578458--219x300.jpg

188.114.97.1

200 OK

9.2 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/04/tt8578458--219x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 219x300, components 3\012- data
Size
9.2 kB (9220 bytes)
Hash
d69100191535c930a3a5b1a54e8360f8
8819b5ee51635e7aa5d6e4c25edc041ea62b8fa4
924eb4af2c37369d59e228926a2d5e845aabe7790b01ee32e6055dd4a51bf46c

HTTP Headers

GET /wp-content/uploads/2019/04/tt8578458--219x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 9220
last-modified: Sat, 08 Feb 2020 23:05:21 GMT
etag: "5e3f3eb1-2404"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3poM8C7VCVLzK%2Bnq1JpIIZDWuRo1k9h1o64ERhtS54Sbf8qpF4idFSTLmI8TUrdp0NMM6jmVTFVsu5XXhqxqCgxb3iA6QFOv279doEC9CNWqNShqfUA2P%2BFKuj97fWHCpo4h%2F7KPrgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de3b569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg

188.114.97.1

200 OK

5.4 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 190x120, components 3\012- data
Size
5.4 kB (5412 bytes)
Hash
20191a9c7596328ba7f743ca2f45c001
8563c49905de8c23eaf4814ded30d06fe34d3d2c
13fcba22591fb76da91f0cec2fafcf20c50c469c0b502534eff9b0ab091a9bfd

HTTP Headers

GET /wp-content/uploads/2020/04/Rising-High-2020-190x120.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 5412
last-modified: Wed, 12 May 2021 23:03:15 GMT
etag: "609c5eb3-1524"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcIyGceSWoqXaW%2FccGcGCx64bOu51Q5yYt6YN5cfUKzB5zTrPUZesKNS09iQJRT1VQdf2Uzkvcgb3pJQoKXF1P4vaPHYWP4f3LKWUbi9p6dpFKYMUVRKV6Ij1bGftERK9lXeMHnErC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de3c569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg

188.114.97.1

200 OK

8.4 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 236x300, components 3\012- data
Size
8.4 kB (8371 bytes)
Hash
40e5620f1188ae4fe9f509719575f439
bc4a85a0477f5e4f90a40b9a8ffe551ca9fce1fe
45255efd526ecb5e7191005223e56c9eb36b7f3fc71b4af652a8cb049d1698d5

HTTP Headers

GET /wp-content/uploads/2019/04/5c4c495ed0ea4--236x300.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 8371
last-modified: Sat, 08 Feb 2020 23:26:45 GMT
etag: "5e3f43b5-20b3"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDqtsqdmutuJEMgScCYPSRouIelegbRY4BcuMl4HMdq1Yq9Kc08fXczCLLH9znkLWhFhEjXva0p0z1TWLfwtGE78dFfOouPBF2Y1bf41RKcwdxCdqae5MalYUziz5VpQQy5NNFUH6T8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de3e569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 153x230, components 3\012- data
Size
12 kB (11466 bytes)
Hash
261c5288bf3f726b36594a19b1f76b37
897cec4a7f65e9bbe7ddd3a10bb9d93d0787435e
687d6a2ede1621351e02ce50d2842a94dca4b69d2b176e3f886677c11ade434a

HTTP Headers

GET /wp-content/uploads/2021/03/My-Roommate-Is-a-Detective-s01-153x230.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: image/jpeg
content-length: 11466
last-modified: Wed, 12 May 2021 23:00:48 GMT
etag: "609c5e20-2cca"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF%2BlvdhrIpnvboiY6nlFIE3EvrfQBmMGf735AUXK7ZS4iG6G2wQZklXRasOwKk7T8oC%2FpqYWcak2wJL4JkO6IBcosBS7XbKRe1LvLPOXBneRQEXYPXyozYs8bu%2BPGG94JlTeAE5A6rw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0de3f569a-OSL
alt-svc: h3=":443"; ma=86400

alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js

173.233.139.164

200 OK

24 kB

URL GET HTTP/1.1
alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectalteredyacht.com
Fingerprint19:5F:34:04:D0:B1:63:4D:D0:A6:04:B1:17:7A:5D:BC:5A:49:1F:12
ValiditySat, 21 Oct 2023 06:12:09 GMT - Fri, 19 Jan 2024 06:12:08 GMT

File type
ASCII text, with very long lines (60311), with no line terminators
Size
24 kB (23528 bytes)
Hash
2ebcb159b2e5babdecec8d8593d4abee
41bab7fd767822c9730d35d1c23a8b94069be288
d4863965ff53bc2d7faa48f5aa11df6a2ef513100bf2980a9fa8754721086efe

HTTP Headers

GET /5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js HTTP/1.1
Host: alteredyacht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Oct 2023 10:00:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d9ed79a4505861b7be438fd25e3d97a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

inklinkor.com/tag.min.js

104.21.91.63

200 OK

27 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
104.21.91.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
Fingerprint5D:E8:2B:4E:1D:87:E7:D0:24:0C:11:4B:6D:AF:1B:8A:38:CB:A3:6E
ValidityMon, 23 Oct 2023 14:48:09 GMT - Sun, 21 Jan 2024 14:48:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27331 bytes)
Hash
dcdb74a84033cb062fac67d00d2131b9
de814a6a30d0a96261ace16dfe5c199140c575ca
0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 4f07813acc0aec6f3199a33d05f77ce9
cache-control: max-age=86400
last-modified: Fri, 27 Oct 2023 10:30:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 29 Oct 2023 08:57:56 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfS6PHtSyTvKPXoA%2B9bAOLPCLcL9CRxwsLhMl2znJ%2BDCqYaMlMn7ipJuoTotfrPriSEDAqJ%2BbycrVmuvpS915xm07bbZcTrqoxVBnP34h7mOe5t54RA2OPeps3vLYR83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254d17a291c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg

188.114.97.1

200 OK

43 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
43 kB (42630 bytes)
Hash
08481de7b5b10a028edcb2fdc077a028
b21201931ca085490d6361f35ae699770151f244
d36eef0da2168beb3bebefb2df8bea48e07767ffa28f809b6348d9e59b550b68

HTTP Headers

GET /wp-content/uploads/2023/10/Jemputan-Ke-Neraka-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 42630
last-modified: Fri, 27 Oct 2023 02:15:55 GMT
etag: "653b1d5b-a686"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG1o4sSPFDS%2B37v2R0Hy%2FTvgXZJ9ytBSih4gEErB03cIEWQvQoDULJGoQNXEY5m35%2FrQguXtS0F2PFiVmE0FZYLRBxwOepru2WpmiuJ8SWp13LhBLAIWwEUI9B34%2BBnxwge84ttTH28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d348d0569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
28 kB (28156 bytes)
Hash
5e2f5cd626011da2f28d02d5db5065c5
af6f788ef249e692109e9f89f2da31d570d56993
65eb4906e85c60d40dafa7707db0efa4bc1befcf79ed14b2a01fcc567f9a61fe

HTTP Headers

GET /wp-content/uploads/2023/10/Alena-Anak-Ratu-Iblis-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 28156
last-modified: Fri, 27 Oct 2023 02:10:22 GMT
etag: "653b1c0e-6dfc"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMR3zTUr4AizF8DYs%2FedeWOQM2CtI8hoUKmHbbBLQtxCTKLL1dtivh8eck2A2Mvs%2FecayT5gX5ITHlIChR4GRzp7IS83VujerUmWnLMZlzB1iovVLfomygMlwvraRrAbUX37cx5eqLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d348d3569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 356x520, components 3\012- data
Size
28 kB (28520 bytes)
Hash
8c783664506e085889015726884ce439
ee30db4ac496da8c42b097e779267299b98fa4f1
9bbf700cb2c48071b1483f061ee84d44b8468d5f5ac80565aae8b3e9fbef87dc

HTTP Headers

GET /wp-content/uploads/2023/09/Ben-Bu-Cihana-Sigmazam-%D9%85%D9%88%D8%B3%D9%85-2-1-356x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 28520
last-modified: Wed, 13 Sep 2023 19:02:51 GMT
etag: "6502075b-6f68"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy9wVesmg%2F7BrlozsH7Aa0t4p%2F%2FF%2BJ5Sv6ixJ2GmZPbrH047uzDH5IxwR5uPto7EywvnDMMARc2K6YcYGk%2BFFssXpmj7GDc%2FlLvJKM4aXPWsFFGm9p3RYR5K%2Fr%2BFCyRqRzcQarlUwmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d358d8569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg

188.114.97.1

200 OK

39 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
39 kB (38697 bytes)
Hash
8982a81a6837550365dd7fcce562f470
e9e23e622e517a66dd1f8ac898f3893812263cdf
3bed454d902070596c062829364dc7e4bcc3347d62322777049c0ed0f73a7fa8

HTTP Headers

GET /wp-content/uploads/2023/09/%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%B9%D9%85%D8%B1-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 38697
last-modified: Tue, 12 Sep 2023 15:32:21 GMT
etag: "65008485-9729"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Oh4VQ%2FQEeHzOnwW5Qtn5D%2F6LSOwSTfPWgPqRYX72Qkh7oT2g0HJ%2F4mAdme2PFPCvx2gBWapH8Bw%2F1RDa5D1uMrZZtCX%2F28IP9pwsXibFMFpzy75T0sjDczjeLTP2iMQM3TOFyM2WBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d39914569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
31 kB (30589 bytes)
Hash
c26c99918b2afb5ebb8d898bbe9a312c
2393c1f97bd04829a530e6830fce69dc297916a5
d59bce8d39d9c8214228442afe82d25d711d7e031d2ae7b4834c49e15d32dcd0

HTTP Headers

GET /wp-content/uploads/2023/10/Killers-of-the-Flower-Moon-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 30589
last-modified: Mon, 23 Oct 2023 13:20:45 GMT
etag: "6536732d-777d"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtjEcblm23A9ipD1ROtphWcL%2BUfsugaW%2BCpPKgurDW%2BrI0cB7VWly9aIZYTdI6gepy1tPdCFHg1mkurqnvbq1ekNHULb6qmZg0vD877hQxWY68Y8vTKrOE0eJKOhqtaP5hdfCrxPhs8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3b944569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg

188.114.97.1

200 OK

44 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
44 kB (43906 bytes)
Hash
064c1262c6e9704832a4896aad3c590e
892ad6d078a455f68db9fa11ec847114e93a507a
669eb9b9abfeab970fb09b79b11aecefed4efbeed8499887b8d9150ed46c5276

HTTP Headers

GET /wp-content/uploads/2023/10/Mercy-Road-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 43906
last-modified: Sat, 21 Oct 2023 12:33:11 GMT
etag: "6533c507-ab82"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUsheYbykNt6NykA71vYCrK6VTWmWIOt%2BlbphXHa1JFvxqjpKP69IdqvLRI5eXkZemREnZiXX1a%2BJ8goJbPptqGQy5DG1ZKIlevNysrgjBH%2F861J6IJDmmsVjcnU8XFoz8EEzOMjZXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3d957569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 351x520, components 3\012- data
Size
41 kB (41444 bytes)
Hash
8e1a7ba40ebccf98607a52ed01099d59
11fa68dd7d574c0d4978a9edb04c9969280b3978
8c62e05eebc31d967e89266ef7cbc4c5a3df25ecb9c566dbc4b785e399ebf83f

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%A7%D8%A8%D9%86-%D8%A7%D9%84%D8%AD%D8%A7%D8%AC-%D8%A7%D8%AD%D9%85%D8%AF-351x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 41444
last-modified: Thu, 19 Oct 2023 00:11:57 GMT
etag: "6530744d-a1e4"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2DKevWZFfbdjFlJ4aqcLcpyWEsqQnF29KQ7%2FENTuB%2Bj%2B1j%2FuX5MCNNiZhiY6Ld3szMO0CJCEmbcfRPs60z8oxp1CSxYxWQ8Du0VQFQeCkstIs5KqSzOlkvcXSYUeAY44JxHdOvXVLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3d959569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
34 kB (33742 bytes)
Hash
d6df7d569120750f17be453c4be250aa
2cd2920da01e700e6e14652cc83b2de136eb1f21
04d33e4506d764d9ccf19226b4155c1685cfd355af0457fb9060f6540291c545

HTTP Headers

GET /wp-content/uploads/2023/10/Rahsia-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 33742
last-modified: Wed, 18 Oct 2023 18:06:46 GMT
etag: "65301eb6-83ce"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsBxlBR7hVCXsePlHm%2Bs39YeMxnSTfgb2cGqH%2Fx%2FuHbyOpu%2FYPSTP7LxogjrqbbBBd2ZOd7SmQA6iDiAqMMUoXRC14tjJl%2FTpL%2FYxP31V2s3%2FmxuHsjQ5e6uCWoAaMLeKg6GSGY%2BAOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3d95d569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
28 kB (28131 bytes)
Hash
7fe12992569eb92a6095fdb64acf81aa
3da080ffa4450e5201c1d86c81242b69df572809
7acf86d2599ced4e2113c2c3129b23bbc93a3238bfd42c4906c6603913acddad

HTTP Headers

GET /wp-content/uploads/2023/10/Spirit-Doll-2023-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 28131
last-modified: Wed, 18 Oct 2023 18:03:57 GMT
etag: "65301e0d-6de3"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6u6D6cx32w%2B6CHiOeo3p2DMjRKR1aQKiebn9VgWPTjsIcf4iqkDnRiYPR3EWyNJb1H3%2FKstnG2OpLBvw1f44RwyHzoojFvDQM8A8Rpc92zJ2cEtxZq9%2BrZ45p4CPNooTKmmdsGOO04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3e966569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
36 kB (36264 bytes)
Hash
933216ae031fcf0933aa70047992cd8a
9f65049ae327c30c6bcb8c757307055d813be59e
1c7d5ff60a6d23445f6eb52ea3b93d6e27a05a33b2bc2dc66a41ecc4f1d29649

HTTP Headers

GET /wp-content/uploads/2022/12/%D8%B1%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%B5%D8%A7-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 36264
last-modified: Thu, 01 Dec 2022 15:57:21 GMT
etag: "6388cee1-8da8"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXhSFchBGVKg6z2dzNxQ5HSdgWD4lw6pIjlGQeSslWDukKpuJUObdz1xZPn8DhwrGIqvVIn7fbLq%2Bh%2FCxTZH5oHDT1CzvQTCLZoLP890jAra02dmy3fR78Qd2%2FOzWK7m3AwHiM8CJV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d3e96b569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 346x520, components 3\012- data
Size
41 kB (41317 bytes)
Hash
8460ee1ca7561f8d685f6a8e21d33ac8
9b31446305757ea3c417d61a493bf47ffc4c13e6
72c171f7090aee222aa4aed13528a7fb22fb9c5ccad6d7a28658e7207233c9f8

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%B9%D8%AB%D9%85%D8%A7%D9%86-%D9%85%D9%88%D8%B3%D9%85-5-%D9%85%D8%AA%D8%B1%D8%AC%D9%85-346x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 41317
last-modified: Wed, 04 Oct 2023 21:49:41 GMT
etag: "651dddf5-a165"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apxNXLfLjz7uKFMEcbG6gLZs8T4x4868n8xLZ1RZrhQwnyVDKTeDeEzBUiT84y1u3zieF4r5VYyq4XBnJm03Vz3oWspW8Cn0IMelO2lWfqIALOg2Atn5LEytc3dxctH60bkdw8ev%2FfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d40983569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png

188.114.97.1

200 OK

318 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 370 x 463, 8-bit/color RGBA, non-interlaced\012- data
Size
318 kB (317920 bytes)
Hash
ca6b1181c47cbca0fac6ab96cceccd4a
c63705f575591cc76170b0801ecc19d81ce9e923
8984cf69986e5ad3b2da6bbf7c4b5624d9141603fd5525c819e9fd4f79bf3172

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%A5%D8%AA%D9%86%D9%8A%D9%86-%D9%84%D9%84%D8%A5%D9%8A%D8%AC%D8%A7%D8%B1-370x463.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/png
content-length: 317920
last-modified: Wed, 04 Oct 2023 23:10:14 GMT
etag: "651df0d6-4d9e0"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzsYkmTQKedupIf8j40bjyRPxSD%2FQyhj6%2F7aN8reU%2Bq9ETmfKrmuKPJZF1M3sChX0OBvOcTSnNzPKHOa0ZPSX39HidDg0ENkAOugH3k0g82WxarCLF6QDkKMx3kKcoO%2FKD%2BtrAwbH7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d41989569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg

188.114.97.1

200 OK

48 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 370x414, components 3\012- data
Size
48 kB (48194 bytes)
Hash
b800b4948b12699b76badfef794aae05
8efd66955642284ae008176e94260872b98afad5
0bc12f1af00ed9158976888f720b187f4149428a5054f7d9e7b988c7f2646c41

HTTP Headers

GET /wp-content/uploads/2023/07/%D8%B9%D8%B1%D8%B6-WWE-Smackdown-370x414.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 48194
last-modified: Sat, 22 Jul 2023 06:59:36 GMT
etag: "64bb7e58-bc42"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1391
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnUUcTARYPVYoUpBKxW9mTo3m2UQnZfQ93%2BpdGlE9CScxoQGftrqszwoxjHhxyX8cdT2bLBDQaBpjgVm86J24ZCWAV%2BvN46tg4RA9mbmi2PzJwwBi2jBOyP3IOrYfpBwvIDu5PwIuO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d4198c569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg

188.114.97.1

200 OK

47 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
47 kB (46582 bytes)
Hash
9cc2884f862b74f03b39b8e024cfdfde
bb280b24e13649536f5c3788c838dc2b8fd85401
78e5a4818c72ee683a1680f0c24712170a549d2de4552e4c90ae679f7d913ad0

HTTP Headers

GET /wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-Billions-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B3%D8%A7%D8%A8%D8%B9-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 46582
last-modified: Thu, 10 Aug 2023 23:27:49 GMT
etag: "64d57275-b5f6"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th3Y91PR2v1hJyzthR9iiQbwxEe0feh8e%2Fib6LK%2F4zzm%2FB4eiUGTKBva%2Feey2b5%2FPeSlLm6R5bjn720S4byeauoOzXlbWZ%2FP%2BimJiVYF2%2BP42BnKmdl13r8K3FS7XGHj0Zei5NUFUzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d4299d569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Virodh.jpg

188.114.97.1

200 OK

35 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Virodh.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Size
35 kB (35146 bytes)
Hash
e20489a3af557eb936e0dbc0d725adbd
0d850364bf0708f34f4ef921d9c09ca3209d8799
370c96723eff55d090844243faba8317b04391d07bcdab64c97accf17e26863c

HTTP Headers

GET /wp-content/uploads/2023/10/Virodh.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 35146
last-modified: Fri, 27 Oct 2023 16:55:32 GMT
etag: "653beb84-894a"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrqM4Yefu4cMRqS6SaC8c6y2nllPU%2Bi64IsINqQclMaA9NGt%2BliFFuEKK7KuhO4jy2msgmBIMnYJsgNU5RYqTc19tZxlNvg4klKcHzkU9bUxFXyORZhD9QkfNNUUq%2FNmGmieNH%2BURF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d4299e569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg

188.114.97.1

200 OK

22 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 354x520, components 3\012- data
Size
22 kB (21607 bytes)
Hash
8aa2f94d65469a5cbc129428bdb5304c
b72b1a3afb22adc32cb9e4b307a02a25712773e9
30acb97df5bdd4a219d0c7879e766453b3cfebe0a5526067a27ae3dcac5b407e

HTTP Headers

GET /wp-content/uploads/2023/08/%D9%85%D8%B3%D9%84%D8%B3%D9%84-My-Dearest-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%A7%D9%88%D9%84-354x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 21607
last-modified: Mon, 07 Aug 2023 11:08:52 GMT
etag: "64d0d0c4-5467"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EngHv64h%2BYfYx6wlgsBJrXh3EYiERLit1IdKohclt3%2B21wnZHBd0ylylVz9WpwMfh%2BKUrpFxcg2ZLPI%2FCnrEeSJDndY3Jg%2FQse0In6E4BfavOvlRoErihe3rVe2%2Fg5kA%2BVP1irMCrTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d429a1569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg

188.114.97.1

200 OK

31 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 351x520, components 3\012- data
Size
31 kB (31027 bytes)
Hash
96cce6bc6bd524522b297bc10d3a0a04
3ced316567f6d0cc08f9484b4163061dadd8dcfc
9401447ef201759a5b0085aad1807cc978563fc72465e521c6c9a8ee1be2875c

HTTP Headers

GET /wp-content/uploads/2023/10/%D8%B9%D9%86%D8%A8%D8%B1-351x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 31027
last-modified: Wed, 11 Oct 2023 22:00:24 GMT
etag: "65271af8-7933"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7x9eJlfdR65Jyyjatx9ZXJfGTZYD41Fwm3JEE%2BO9lgsR%2BvKUvnzGttXo0%2B%2BVnnpMtW9BgQUSpn7DeoRzbd5nwLpTm4K2wRE8x0iDN2BBTJGBhaJ3W4%2F84cjWIL9whgyEdcobntyNY7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d479d5569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png

188.114.97.1

200 OK

3.5 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3533 bytes)
Hash
54110064037a44285faf10b2cbe55e87
b2677d46ed052bfda6eecbb61ee5539349f5603d
c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23header/netflix.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/png
content-length: 3533
last-modified: Sun, 22 Aug 2021 16:56:59 GMT
etag: "612281db-dcd"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McOl0eZ2I7OrLumugehbxoy6KPoH9RCsNuK72FWYRQMHJzjn5S750m6zqHrLLQMc6z2L7HNMkbYUdaV1vc5RGNsDwI19lMIJ3pjkbsavZsbWqdwu9Z6DbfjDsAs3uBEf33kkBtG3aOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d479d8569a-OSL
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/uploads/2023/10/Masterpeace-347x520.jpg

188.114.97.1

200 OK

42 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/10/Masterpeace-347x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 347x520, components 3\012- data
Size
42 kB (41902 bytes)
Hash
3cf8a844821407b2fb1e249c0acf94ff
4040d74750fab930e98154b07fd847de08fddb36
9bcc4ef167bdca2b47091f2cf9462cf86e11d4fed9a65deed181c2ff6c170be6

HTTP Headers

GET /wp-content/uploads/2023/10/Masterpeace-347x520.jpg HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: image/jpeg
content-length: 41902
last-modified: Fri, 27 Oct 2023 22:16:48 GMT
etag: "653c36d0-a3ae"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIPJmN6jZ9Z8XB%2FU32xFTgh6TUWOFWf57%2BI%2FeaummG3ioExd1oiMtiHXmMcWJAPOkfPjvucBG53yvgSZ0c7wbNjk5hrVPowz4AkY4cD56Cl%2BsDsGFohuseXdK5IVdU5rWbwFoQkCPe4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d479d6569a-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c

142.250.74.168

200 OK

65 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT

File type
ASCII text, with very long lines (3026)
Size
65 kB (64656 bytes)
Hash
a9b5f98ce35acfc362618f449e774761
106f954ba8c14a89112301902d41a2fa732b3c75
bb798e09962c670d2597b700e9d39117d3e760c795c49b11617db9c448908d00

HTTP Headers

GET /gtag/js?id=UA-128370636-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Oct 2023 10:00:22 GMT
expires: Sat, 28 Oct 2023 10:00:22 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Oct 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2

172.64.147.188

200 OK

392 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 392136, version 768.256\012- data
Size
392 kB (392136 bytes)
Hash
2cb9262f4870f225de120af23500828a
0330732496c970248a96c6df732b4b6e8407246f
d9c0c73c3e6a75d59ff20ce5e1d4bdec5ee8c6f2724ff0deb6cddb8f7f207dbe

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-light-300.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: font/woff2
content-length: 392136
x-amz-id-2: DpcG0HPBOIEQ5aI844Ay2iRxnq48H5XaLxRL3O4duG05qEkh3BeTNVAtB31kd/FR1BubmMpZ5yg=
x-amz-request-id: 9FK3PVV9VKEVCJ2H
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "2cb9262f4870f225de120af23500828a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38327
accept-ranges: bytes
server: cloudflare
cf-ray: 81d254d71937b4eb-OSL
X-Firefox-Spdy: h2

braceletdistraughtpoll.com/pixel/purst?dl=0&th=0&sc=0&rs=1291&rd=1291&fd=584&bv=23.10.v.29&tmpl=70

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
braceletdistraughtpoll.com/pixel/purst?dl=0&th=0&sc=0&rs=1291&rd=1291&fd=584&bv=23.10.v.29&tmpl=70
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectbraceletdistraughtpoll.com
FingerprintCF:2F:4E:E5:4D:6A:DC:4E:2A:EE:4A:6D:40:59:00:A3:63:B0:8C:00
ValidityTue, 10 Oct 2023 08:34:07 GMT - Mon, 08 Jan 2024 08:34:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1291&rd=1291&fd=584&bv=23.10.v.29&tmpl=70 HTTP/1.1
Host: braceletdistraughtpoll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Oct 2023 10:00:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2

172.64.147.188

200 OK

358 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 357732, version 768.256\012- data
Size
358 kB (357732 bytes)
Hash
aca950cc283a103f77e0001fb67043b7
bf0d2965fbc75a8a23ca081c7094a95535d46ca6
d2d786476ddb1827a07bc0ac83e78cee6d262a16092b6064c166091132f09b65

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: font/woff2
content-length: 357732
x-amz-id-2: D897C38fvQ6akHiQjxPcSfuCCl2AWtJBzIDeA0eCx7hCZ9TlnYD2/9T0xNla6WUCHnP59IgDZXYDX+pDAHt8yQ==
x-amz-request-id: 9FKEB2TJFKWGHD68
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "aca950cc283a103f77e0001fb67043b7"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 25957
accept-ranges: bytes
server: cloudflare
cf-ray: 81d254d7796cb4eb-OSL
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2

172.64.147.188

200 OK

105 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104740, version 768.256\012- data
Size
105 kB (104740 bytes)
Hash
27ed7b486bfe3163c0d312b6d2aa9069
97cb3773774b591841557c859b0f1b4b1b1cde09
fb347c28258cfeeb9b0904c469d8049fcb2ad4d1bb5e4c9601e0edda3b76bb69

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: font/woff2
content-length: 104740
x-amz-id-2: c/aTa4YryYy+s55A5OWmh1xMPgsglmJpvYUbER/C9EYF5K3aJLZLOHnFb1dmMMWfontemfiSramaUGjeFKL5cQ==
x-amz-request-id: 9FK1N4E1WSV6BC9C
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "27ed7b486bfe3163c0d312b6d2aa9069"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38327
accept-ranges: bytes
server: cloudflare
cf-ray: 81d254d7a980b4eb-OSL
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

172.67.219.12

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.219.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: a9c0406b4952e8444e7600bb02441091
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 10:00:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NkUKHDMXj%2FId9xTyZ6FqB6jRES97dSaTzwF4%2FLUramaBZXW5YjytZGwTznH3WqOfV3y5VZJXZAXPCa4mZHS4c0dTcvvv1tZhas0SaYPmoUe%2BXsEMjkuLMR4zDCWL4KXJE9YmCoEA1EfvYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254d879c4b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=65dc8b688d2d487db57fedba9a10a0c1

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=65dc8b688d2d487db57fedba9a10a0c1
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
44809afd7511b9d4640d3e80abcf0d54
e9eb2b3226a9f40bd71db2686abb0ad6ef274418
1af56539fe1ee40e1fde9bda7c7c1d69a15ce6562c79ba8229191abe774c8d04

HTTP Headers

GET /gid.js?userId=65dc8b688d2d487db57fedba9a10a0c1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=65dc8b688d2d487db57fedba9a10a0c1; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
PNG image data, 271 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5499 bytes)
Hash
de6cab0eb34528ddc75c0bba91468367
805566b4421a52ccbc7ddea87282ce4df241f64e
ab33b59200764ca718a5f977d0eccf57c27d02560c59ba3a9b12af1819b1f7fa

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima18.wecima.watch/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: image/png
content-length: 5499
last-modified: Mon, 13 Feb 2023 20:21:20 GMT
etag: "63ea9bc0-157b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEuskg5ErU1qi2mEKcUVLIZ%2FO58Uc%2Fgy4QQSa%2FaF6b1Lzl6%2F43Jrd0gMIO3n53WwvmLpDShX%2Fq750EApJBmpgZoro%2BciNQd0jyiYFgANBgDADWALfVGchHhsq413YCHoMA9%2F6gZdJc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254da9efa569a-OSL
alt-svc: h3=":443"; ma=86400

cameesse.net/1?z=4807448

139.45.197.242

200 OK

23 kB

URL GET HTTP/2
cameesse.net/1?z=4807448
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
23 kB (23132 bytes)
Hash
8d5deffd423f33af9f4e9bf871ac5988
573c589c8d0bbae915eb6c7e65b962128d97f093
8d567c49ce5ce15c4740cfc69f05cee5eb570d922780078170c427b7a654abfe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=4807448 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 746bddfcbac44d649b5b4b6920327d07
access-control-expose-headers: X-Sc
x-sc: muIJ_pAO67UPvaOW6CzazaCEecek9E7mWovpafPQ8R37yW0mzIQunR6Q0yFddHDiTFII62tzeDwV10s6hhpcVTs9OK0=
set-cookie: scm=1; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
OAID=523ec0d870cb416f86691a830d7bbc60; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
oaidts=1698487223; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1349
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 28 Oct 2023 10:00:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mycima18.wecima.watch
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

gishejuy.com/400/5097541

139.45.197.242

200 OK

162 kB

URL GET HTTP/2
gishejuy.com/400/5097541
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint99:91:AA:4E:BA:FC:75:A0:0A:79:EE:F6:15:64:FA:15:B2:BC:61:31
ValidityWed, 25 Oct 2023 09:21:45 GMT - Tue, 23 Jan 2024 09:21:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (161822 bytes)
Hash
0fb2c832b66b4c3004365c472d37d1dc
17c70168847218823f568e8e599ce65a640f4cd5
9bf3c0cc06b65fa3cdb1f5dfd8ae3eecc3d094cf3a0e5fd2f1ac6fac1ca2ffba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/5097541 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/javascript
x-trace-id: 2817378212f744d73d9a85a7948e17fe
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=f07265e1cb2c4c84adb0611f76bf2fbf; expires=Sun, 27 Oct 2024 10:00:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cameesse.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=65dc8b688d2d487db57fedba9a10a0c1

139.45.197.242

200 OK

7 B

URL POST HTTP/2
cameesse.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=65dc8b688d2d487db57fedba9a10a0c1
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima18.wecima.watch%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=65dc8b688d2d487db57fedba9a10a0c1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 429
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=523ec0d870cb416f86691a830d7bbc60; oaidts=1698487223
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 1c0fc545c8e3f5b87123414d95a2477c
access-control-expose-headers: X-Sc
set-cookie: OAID=65dc8b688d2d487db57fedba9a10a0c1; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
oaidts=1698487223; expires=Sun, 27 Oct 2024 10:00:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2

172.64.147.188

200 OK

304 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 303544, version 768.256\012- data
Size
304 kB (303544 bytes)
Hash
78863e0f6e65fbe6175866e6d5b6f18a
8cda0fc2a701bd6dcfaa94261178fa78df1d15de
82877c6d33c5d786db4815f756437c3e853e08bf8c6c267fd246760d2a96d029

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: font/woff2
content-length: 303544
x-amz-id-2: UGQ6xSihhhcTLCiKRxRP8XCynEaXxy8BLCuCTEpnjMXLywu4ZpFA4LQNDXRu5e1XmTzwnsyxVTCweqOtpRYFzw==
x-amz-request-id: 9FK5PMR4E6M6HH88
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "78863e0f6e65fbe6175866e6d5b6f18a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 38328
accept-ranges: bytes
server: cloudflare
cf-ray: 81d254ddde78b4eb-OSL
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=73a4e032-fc9b-4d20-b18c-37d517d5a9b4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=73a4e032-fc9b-4d20-b18c-37d517d5a9b4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=73a4e032-fc9b-4d20-b18c-37d517d5a9b4&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=5aab22948fc5f2edc2ca37dff2cd916f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Oct 2023 10:00:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35822a301db67ffe2e7f974e5409da06
Strict-Transport-Security: max-age=0; includeSubdomains

cameesse.net/1?z=4967771

139.45.197.242

404 Not Found

0 B

URL GET HTTP/2
cameesse.net/1?z=4967771
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=4967771 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=523ec0d870cb416f86691a830d7bbc60; oaidts=1698487223
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 66967964a05d02029b24ba03f84da79c
access-control-expose-headers: X-Sc
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.163.2

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.163.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a7f573ce2d4adc1787242d276432c965
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 10:00:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKhkstQX5yWaUbCqXM3RFLSe7RHbGxrtSqiNr%2FU%2FicvZVKiN3ydftPsPq%2BSEBLvanGNzWkkFGT5m78eugxbuGgS0TLQOyTErQhVbaeIs8T7MudFyhjshmYgT3vsJ8ZvHrkhcqTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254d34c157201-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

professionalswebcheck.com/stats

3.73.202.184

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
3.73.202.184:443
ASN
#16509 AMAZON-02

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2104915a93fdca0daaf3e03ece014cc1
26194425fccba91e41b956eafcb766b2975022f5
00cc1fff5542c539a10a86ccb309a9f9f856a6c69e83029e0557f3752b7dcb7e

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mycima18.wecima.watch
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=73a4e032-fc9b-4d20-b18c-37d517d5a9b4:2:1; expires=Tue, 25 Oct 2033 10:00:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.96.1

301 Moved Permanently

5.5 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint38:85:67:EA:CB:D5:AA:EA:AA:13:D8:8E:A0:F9:5E:3A:EC:0B:54:66
ValidityThu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type

Size
5.5 kB (5499 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: text/html
location: https://mycima18.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
cache-control: max-age=31536000
cf-cache-status: HIT
age: 728
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffUEFOFDh9MVJuMCN%2B0h44B6c3NU%2F%2B%2BVUbuXo1xmm567Fq1r3ZFKB9qMn67gEVuzvS%2BPNDPJJKdPtdYt7LbDZFTaffrU1pQ5HiL0BVrKyYwd8K5nWuoYx1VAsZkv4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254d91b985696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOHNwSI%2BZNuztp6hU%2BPrSXJUt5GpMwdH0Dy%2FQ71biTQXzeEp7U%2BYxbqgVb%2B0hHITXtQXFF51xpqGKDSvh%2Fm%2F1bNYBwMtbTlgM%2BwbKtdfucJ%2BxGLCyfgEunrlLuw3JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254daeaa556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/profile/admin/

188.114.97.1

302 Found

351 kB

URL User Request GET HTTP/2
mycima18.wecima.watch/profile/admin/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
351 kB (350932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /profile/admin/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 28 Oct 2023 10:00:20 GMT
content-type: text/html; charset=UTF-8
location: https://mycima18.wecima.watch
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wukletemk2M6lBy5BzQ3bJqLzrlxp5%2BLVzfV5f10aSaNZuLdZRGsL1EXuBkCZIGhEoix%2BBV5UVHf8r16LCdmGRbrRZPCAdQ4NvQa0%2Fp27Pe4FaQlT%2BHs5ba290UXNkfzLTlS4bAFct8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254cad9f956a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/insights.php

188.114.97.1

200 OK

35 B

URL POST HTTP/3
mycima18.wecima.watch/insights.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
6b652cac01878c3fd56eb6144f8ec758
2fb0dbad10a7c55b807ebc198e20ed61e8e1569f
95eff1092198a47f11a7261d5419945c9b7745f457589fc3c9f1cbac4cd5fe95

HTTP Headers

POST /insights.php HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 12
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39hiUMbGqmgW0t5VtLwntf95lqae6twZFWjxlM06DWHb7aEewkXjuaPw5gV0rdc40b8RiXaqT%2BdlAPWClSHLfEq1RC0l6VVbIpkFJtMlS7NZ%2BtnIW23c68ot%2BFrv%2FW9iViiPzjYwerA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254d0ce2b569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2

188.114.97.1

200 OK

88 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (88059 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-157fb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wusynTRS9L%2B5Mvb1%2F14FZzyXL%2Bx2Vk7EzNlpMY%2B2qFG7mg92%2BkwkL4H7zFS7xdW2MG7KlSFiXe%2BraBL8q1l5wX7SdWnRVJWS9eWJwPK2cSF%2FXF6YT6K0%2BMUUf0%2Fm9%2BWBIiUdCilD8Ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254ce3bf2569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/AjaxCenter/RightBar/

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
mycima18.wecima.watch/AjaxCenter/RightBar/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86672 bytes)
Hash
ef8dbce000adc143e2c3ac9e936e5e52
2e0cc488722bc0d47b79c71a80e89ddd6b53e698
cc27ad7e00afdeac1dd29768484881275dbe1a6c7863ff54d22eef18039def4f

HTTP Headers

GET /AjaxCenter/RightBar/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_main_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_exp_5aab22948fc5f2edc2ca37dff2cd916f=1698490823827; dom3ic8zudi28v8lr6fgphwffqoz0j6c=73a4e032-fc9b-4d20-b18c-37d517d5a9b4%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkPOM%2FZzpLSJGlCFWSrDbIDT8NnRBPwrpAcQyPpkSuvIKr1dzZRDPfEzoqLcVRVqJshE8HxJEG%2FsHlveba6wWKBxnVqXdJPmOIWtnqfZ68KhsSadf67PVIzo52dz7j34nJFU6KTB%2F4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254dd292f569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04

139.45.197.242

200 OK

412 kB

URL GET HTTP/2
cameesse.net/27/1a35f96fe99c6fb6ce26f56167ed6e04
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint95:AE:4C:29:A9:9F:0C:04:38:32:00:81:30:07:95:A7:F8:B0:77:D6
ValidityWed, 18 Oct 2023 10:27:53 GMT - Tue, 16 Jan 2024 10:27:52 GMT

File type
ASCII text, with very long lines (65523)
Size
412 kB (412537 bytes)
Hash
e3d10345a5e4f16d7842e70768393edd
96f2cc5910d6179f94a71eb9710d24504bb4b5c8
105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27/1a35f96fe99c6fb6ce26f56167ed6e04 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: scm=1; OAID=523ec0d870cb416f86691a830d7bbc60; oaidts=1698487223
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: https://french-stream.moe
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: c80fd5c82dd7d6d6108b1ef978aab893
cache-control: max-age:290304000, public
last-modified: Thu, 19 Oct 2023 07:17:48 GMT
expires: Thu, 18 Nov 2083 07:17:48 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

groorsoa.net/5/4796941/?oo=1&js_build=iclick-v1.615.0

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
groorsoa.net/5/4796941/?oo=1&js_build=iclick-v1.615.0
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerLet's Encrypt
Subjectgroorsoa.net
FingerprintD7:6E:83:AB:7A:9A:E5:7C:B8:7B:8D:12:E4:FD:B6:E5:71:49:D0:F8
ValidityMon, 23 Oct 2023 16:34:15 GMT - Sun, 21 Jan 2024 16:34:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3059), with no line terminators
Size
2.8 kB (2819 bytes)
Hash
d21f6d933d3dd70a765d2711b8f68908
92a96efb0bfdbd581a9741734c710f21b76844e6
435b306263f79795d0bb5c165459a26808957471c53cae33fa91682254308e28

HTTP Headers

GET /5/4796941/?oo=1&js_build=iclick-v1.615.0 HTTP/1.1
Host: groorsoa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima18.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: application/json
x-trace-id: f4e4cbfeb95642e78cb7042397b18904
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mycima18.wecima.watch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=65dc8b688d2d487db57fedba9a10a0c1; expires=Sun, 27 Oct 2024 10:00:22 GMT; path=/; secure; SameSite=None
oaidts=1698487222; expires=Sun, 27 Oct 2024 10:00:22 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2

188.114.97.1

200 OK

291 B

URL GET HTTP/3
mycima18.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with no line terminators
Size
291 B (291 bytes)
Hash
2485a0fab337da61deb41cc4aa994c1b
af1a1d4c6b7c287dc881dd4f46b6b547ac5a5353
7e0bdafc01d81aed845a69d0a32120145155f75aca4c603d8952de7ecc5c6410

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 18:55:51 GMT
etag: W/"64822437-123"
cache-control: max-age=14400
cf-cache-status: HIT
age: 827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmKnh%2FuZNcWh0sQ8P5rmDKakcLlasqKxYUl1oXsb9ccHSu8JrnoPiY2dVFahotjQqI51%2BYPAtNI0ZBqPzux0ZFHMYNoXVFa7gIol8KZa87BWuTp5mo3gFJ9zGTeJzgj%2FS3JHN14Rqzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254ce3bed569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2

188.114.97.1

200 OK

153 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
153 kB (152752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?1659366893&ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Feb 2023 19:31:57 GMT
etag: W/"63ea902d-254b0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chp9EgfGc6mV%2Fue6B99xSvvLZtB6QUl8i6KAlhKn%2BHQ2EWWqe2D625DBksAn15TqlFqQYQ8NRGFPG1YYQfY8McNIozpy%2B6xxyKmP8IL%2BoRrmCeMunB0T4aOSTEEH38Pofe1dU%2FAhVAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254ce4bfe569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

site-assets.fontawesome.com/releases/v6.0.0/css/all.css

172.64.147.188

200 OK

466 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/css/all.css
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65360)
Size
466 kB (465728 bytes)
Hash
c8ccf9786058107114b343d52efb40bc
f690727a3f4aede7f2287320db4a07874381c10c
7ef19507353beb14a0415f80892c79742e8bd5072cfafd0e8806b12baeb7ef2d

HTTP Headers

GET /releases/v6.0.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:22 GMT
content-type: text/css
x-amz-id-2: 337fVZ4ZdAKxyzLnKE2d+X71JOK4Oe9XxTBYW44KQJLUzI1Pgj+HvUUa7hlvsA8Uwn/cBkw1fX0=
x-amz-request-id: G4RKZP5PY830TVGW
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
etag: W/"c8ccf9786058107114b343d52efb40bc"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 119588
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254d4afd11bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

mycima18.wecima.watch/page/2/

188.114.97.1

200 OK

352 kB

URL GET HTTP/3
mycima18.wecima.watch/page/2/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
352 kB (351616 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page/2/ HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Cookie: _ga_6JHTFKY3P3=GS1.1.1698487222.1.0.1698487222.0.0.0; _ga=GA1.1.212925772.1698487223; pp_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_main_5aab22948fc5f2edc2ca37dff2cd916f=1; pp_exp_5aab22948fc5f2edc2ca37dff2cd916f=1698490823827; dom3ic8zudi28v8lr6fgphwffqoz0j6c=73a4e032-fc9b-4d20-b18c-37d517d5a9b4%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:23 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 28 Oct 2023 09:39:29 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYKzD%2FTGPp4WWyaz4qL5ub0RjZeF0qihTr0UVYsIVzUDgV%2FFJWabzE9yZqxJDOB6JuKf4124fw3gblfF%2BQRFiE54xcCPOXJWxTMAIE72xV4LoYZpFvQinmYYENvkZh56ewbSxxtVzUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254dd795b569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mycima18.wecima.watch/

188.114.97.1

200 OK

351 kB

URL User Request GET HTTP/2
mycima18.wecima.watch/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type

Size
351 kB (350932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 28 Oct 2023 09:38:53 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff80MonYO2eYaOIEZUA9XuAAkFFqly9lFMfs1dbLqqRqEd%2FMNr6oP1S%2B67KVdSfa0FZ90egXpBfTXlkBlNifglVPWk353SuIHl%2F9A3quSIvrA7SeEJOWDOmdOhqkLSEgM0n1acQWzaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81d254cb3a3856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
mycima18.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima18.wecima.watch/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
FingerprintB7:D4:0A:4C:01:E5:AD:7B:78:9E:57:40:6B:0A:65:9F:93:2F:7D:52
ValidityTue, 26 Sep 2023 13:10:12 GMT - Mon, 25 Dec 2023 13:10:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (95124 bytes)
Hash
fcdee094e98d38fe380e1b5aad9bf444
d0ea8bb98673c7daa2da3af292eeea39a4f7479a
ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 HTTP/1.1
Host: mycima18.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima18.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Oct 2023 10:00:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-17394"
cache-control: max-age=14400
cf-cache-status: HIT
age: 826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaNLZAFdSdso1zTjmAsAoL0QKex8fFwx6wkA9G6NBQlgLYI8KTjMIH%2BGXCTvmAWP5Tm6umA89vvXHYLLaQXqy2V0vA6AqAW9q44WOI1AG3yNeCIMZkqmHEXhtpg%2BvcUEa8OApbDQlB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81d254ce4bf7569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash