Report - mycima4.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/

Report Overview

Visited public
2023-09-10 00:02:05
Tags
Submit Tags
URL
mycima4.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Finishing URL
mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
مشاهدة فيلم Dunkirk 2017 مترجم - وى سيما wecima ماى سيما mycima

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
addresseepaper.com	18169	2021-11-01	2021-11-01 22:11:31	2023-09-09 18:20:44	408 B	0 B	0.0.0.0
sculpturelooking.com	unknown	2023-09-08	2023-09-09 03:40:50	2023-09-09 16:17:56	494 B	469 B	173.233.139.164
mycima9.wecima.watch	unknown	2023-02-02	2023-09-08 03:06:14	2023-09-09 01:42:05	13 kB	2.2 MB	188.114.97.1
b.m2track.co	694165	2019-08-27	2020-11-25 08:14:25	2023-08-25 09:34:11	4.7 kB	8.9 kB	44.197.62.246
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-09-09 20:18:17	475 B	749 B	139.45.195.8
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-09-09 18:12:01	2.7 kB	1.5 MB	104.16.123.175
upgulpinon.com	83187	2020-06-05	2020-06-05 14:59:18	2023-09-09 19:07:10	407 B	647 B	139.45.197.242
cima57.upbaam.com	unknown	unknown	No data	No data	586 B	757 B	104.21.22.216
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-09-09 20:18:19	539 B	488 B	139.45.195.254
inklinkor.com	unknown	2022-04-01	2022-04-01 13:44:00	2023-09-09 18:43:23	407 B	81 kB	172.67.211.29
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-09-09 20:57:11	446 B	427 B	52.57.147.240
asnincadar.com	unknown	2023-09-04	2023-09-04 20:49:12	2023-09-09 19:01:46	409 B	85 kB	139.45.197.242
dubzenom.com	unknown	2023-09-05	2023-09-05 23:18:26	2023-09-09 18:41:55	1.7 kB	7.0 kB	139.45.197.245
wd.dimcarnie.com	unknown	2023-07-17	2023-07-19 02:38:29	2023-09-03 18:59:58	421 B	1.4 kB	23.109.82.75
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-09 21:22:53	439 B	91 kB	104.17.24.14
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-09-09 20:18:18	405 B	20 kB	172.64.137.24
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-09 21:22:53	416 B	31 kB	69.16.175.42
wecima.tube	unknown	2023-02-02	2023-02-02 03:54:18	2023-09-01 01:15:22	461 B	6.4 kB	188.114.96.1
	unknown				625 B	7.7 MB	194.110.207.42
mycima4.wecima.watch	unknown	2023-02-02	2023-08-28 01:47:35	2023-09-08 03:47:41	591 B	352 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-09 22:31:21	891 B	154 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-09 18:34:13	2.7 kB	62 kB	216.58.207.227
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10 07:20:21	2023-09-09 21:59:28	2.7 kB	1.6 MB	104.18.22.52
eedsaung.net	unknown	2022-07-09	2022-08-18 13:22:07	2023-09-09 19:01:46	1.9 kB	458 kB	139.45.197.242
cdn.madservs.com	unknown	2021-07-08	2022-12-06 04:31:56	2023-08-25 09:34:12	1.3 kB	6.3 kB	151.139.128.11
alteredyacht.com	unknown	2023-08-22	2023-08-22 03:51:26	2023-09-05 05:19:21	442 B	18 kB	173.233.137.44
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-09-09 18:20:45	420 B	327 B	173.233.137.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-10	medium	alteredyacht.com	Sinkholed
2023-09-09	medium	banquetunarmedgrater.com	Sinkholed
2023-09-09	medium	fleraprt.com	Sinkholed
2023-09-09	medium	asnincadar.com	Sinkholed
2023-09-09	medium	addresseepaper.com	Sinkholed
2023-09-09	medium	dubzenom.com	Sinkholed
2023-09-09	medium	dubzenom.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	b.m2track.co/adb/zui/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9	ScriptElement	14 B	2023-03-07	2025-05-31
Pretty URL b.m2track.co/adb/zui/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9 IP 44.197.62.246 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-05-31 20:45 Times Seen29 Hash b22157c4043910c5d040a4580744f1e4 72cbcc3bd16eb060bfee9c3b40a8defb212f4e1a 717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e Loading...

	asnincadar.com/400/5097541	ScriptElement	84 kB	2023-09-10	2023-09-10
Pretty URL asnincadar.com/400/5097541 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash 60d921047ab177d55c8a42810cccb693 ac65523fccefdfe04c1d47ded016f09858b95b3a 2d9271c516bf94908fca79d81963fc422ba228b764a50e4c9aec137bb831fbdd Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 172.64.137.24 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/	ScriptElement	158 B	2023-03-25	2025-07-09
Pretty URL mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 21:52 Last Seen2025-07-09 01:05 Times Seen122 Hash d8df6d4045b4e1124661b5df5086c10e c17b97603a604f539a451c6d001308b0654b909c b9848daa1b8d843e20a1540f95910ea8e5190b6e22ba895ed2d1ab380f7c48d1 Loading...

	unknown	Function	79 B	2023-04-11	2025-07-16
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-07-16 08:52 Times Seen118608 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677	ScriptElement	3.9 kB	2023-06-08	2025-04-09
Pretty URL mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash bb3e4f03b87b3b3a6de5024626ff1b00 9b89fdf8178bba86940ef981524e7ff6b900c86a 2dfad1dd618978e8aaea97be4ff1d7b750b6cf8c72854c68ca4d15734e050f6f Loading...

	mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?2064532023&ver=6.2.2	ScriptElement	153 kB	2023-03-25	2024-08-21
Pretty URL mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?2064532023&ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 21:52 Last Seen2024-08-21 08:31 Times Seen84 Hash 01d86e0593e8805ec600bce502493839 7de61d6bc3f856ed4643c4d9ed9d843ac3277b4e 4f7d4554a7292450b3ff6ae2142e033a0daf173134a052a6681921f8270ca9be Loading...

	b.m2track.co/adb/zone/160.js?v=1.22	ScriptElement	1.5 kB	2023-05-27	2025-05-31
Pretty URL b.m2track.co/adb/zone/160.js?v=1.22 IP 44.197.62.246 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 13:08 Last Seen2025-05-31 20:45 Times Seen36 Hash 5feecf6ec1cc360c25e1a58fc54d9800 d161b7d24be0c3ab461bddd0e0b91ddc84ec6b42 ea741bfb8216c151ce5d8d86550a37b1380f34a7a7e80ac4c19872d76234348a Loading...

	alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js	ScriptElement	40 kB	2023-09-10	2023-09-10
Pretty URL alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash 73df32d5dcc937d0d8a65f30d21e1151 7ed698e087713b502fa89f3cdb2511a1702d3058 31d2831f455463c730432bbbcb66b5fe024cac1ef6fbb2b4db8908b84e57530f Loading...

	eedsaung.net/1?z=4807448	ScriptElement	43 kB	2023-09-10	2023-09-10
Pretty URL eedsaung.net/1?z=4807448 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash 7f86548d58c21adfafd3201b857886e0 524b375d990861a822ce2c9730fda4d4b9bd2f19 7ab642f3cf4f7d0683a286a06aaff442fd5b4b35b54adb32feb846c95d411be2 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-16
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 08:54 Times Seen409195 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677	ScriptElement	6.0 kB	2024-08-21	2024-08-21
Pretty URL mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:10 Last Seen2024-08-21 07:10 Times Seen1 Hash 53622cb69cc97d166214ef79d4e78594 59c51ff6cdbc56aeef4cad7354e02518bac325a4 073b4fa42c5717f54c4a6388dee71243bc672aea66aa0ba25377b9de378a9ae1 Loading...

	unpkg.com/videojs-flash/dist/videojs-flash.js	ScriptElement	39 kB	2023-03-07	2025-07-13
Pretty URL unpkg.com/videojs-flash/dist/videojs-flash.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-07-13 02:12 Times Seen204 Hash b671db9a73a06770313c1a05bcdc0b58 12280acce4192448e93e3b2ef9e1adf6c6eba94a 9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34 Loading...

	inklinkor.com/tag.min.js	ScriptElement	80 kB	2023-09-05	2023-09-11
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-05 23:18 Last Seen2023-09-11 05:51 Times Seen93 Hash c24ca6331005f0f3a13b4c73436360c9 5a480621b67be51f4c86d8229c9f9b7b88421ad3 04aa8c8fd08ed9b9b26e66314da286da6bdda7131cb826cbd0855a475acac295 Loading...

	b.m2track.co/adb/za/161.js?v=1&v=1.22&t=64fd076ab6c8b4.9023282&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106714	ScriptElement	7.6 kB	2023-09-10	2023-09-10
Pretty URL b.m2track.co/adb/za/161.js?v=1&v=1.22&t=64fd076ab6c8b4.9023282&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106714 IP 44.197.62.246 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash 97137d59bd07fb0967ef78532c0ab1a0 de55dbcc0d8d5bbe66fb6d7925cc4ce77742fa20 a9e1ca9dd210ab97c8bfc7834511afb9f98969752fe93c11e4e5a91f78de38bb Loading...

	mycima9.wecima.watch/wp-content/themes/Mycima2021/js/vidjs-2.js	ScriptElement	27 kB	2023-06-08	2025-04-09
Pretty URL mycima9.wecima.watch/wp-content/themes/Mycima2021/js/vidjs-2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen30 Hash 406de09ea0c4fcf430d7892e791d4023 791aeaa7193be874b8afd390a0283d3118e79d44 f134a2cd798e0b14125b8b625c46317eb16a70e5032ad0029bae6f0c5c087e51 Loading...

	code.jquery.com/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:35 Times Seen124382 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js	ScriptElement	396 kB	2023-06-08	2025-04-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 23:32 Last Seen2025-04-09 05:14 Times Seen33 Hash 32803413b97579648bb6d086fde72f08 8a7d229a24879f094e80b78e417c90d07cdc4f13 8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11 Loading...

	eedsaung.net/27/070415381a10b3075162cd0e38d81666	ScriptElement	413 kB	2023-09-04	2023-09-11
Pretty URL eedsaung.net/27/070415381a10b3075162cd0e38d81666 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 20:49 Last Seen2023-09-11 03:44 Times Seen41 Hash 94339aa44b4511531dcb4660501db608 ca8df2ebb99346d5e933c734d9189197c9f2715f 3820310916466a4b86c1de8114ec8cfe8f8a259c121104587219e7d84f84b84f Loading...

	unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js	ScriptElement	717 kB	2023-03-07	2025-07-12
Pretty URL unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-12 16:10 Times Seen73 Hash f4cfc74056724c22c4841e1d085e51e2 c9d7412fe37b091832074ee9c5656849e87ef41c aa938226e6eddc96da5a52d7a9aba85c6b4eed0e56ad1ca66fd8f5ee8bb0acd1 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL banquetunarmedgrater.com/advertisers.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 08:54 Times Seen5434432 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2	ScriptElement	88 kB	2023-03-07	2025-07-09
Pretty URL mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-07-09 09:53 Times Seen309 Hash b4999cbb6a73a9b312f635cff75e5a53 c7b683fc72d06eac129185c3e60362f5c1adc2a8 736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302 Loading...

	unknown	Function	37 B	2023-04-11	2025-07-16
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-07-16 08:53 Times Seen301505 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3	ScriptElement	263 kB	2023-09-10	2023-09-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash fe98f801e335103a68a6adc02bda7399 740a355a55cbd7f2f1d143405ad69ffe13014ff4 cf03676c33c73486ad33e0076fe9cc72f17a7042646b99e46c4328dc62caab6d Loading...

	mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/sandbox%20eval%20code		147 B	2023-04-11	2025-07-16
Pretty URL mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 08:54 Times Seen409602 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	b.m2track.co/adb/za/160.js?v=1&v=1.22&t=64fd076ac28f5c.96691454&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106761	ScriptElement	7.6 kB	2023-09-10	2023-09-10
Pretty URL b.m2track.co/adb/za/160.js?v=1&v=1.22&t=64fd076ac28f5c.96691454&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106761 IP 44.197.62.246 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash df1a6f5f3805e0e2ca3f77178b6f1159 abb575aefac9643c1194a1a97f6027e37fadc772 ff53c4375dffb4e1414f10f8a55259237756b224041496303265bb4989027678 Loading...

	mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/	ScriptElement	807 B	2024-08-21	2024-08-21
Pretty URL mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:10 Last Seen2024-08-21 07:10 Times Seen1 Hash 1ee712273a48734e0a55409624cc4993 c4d9de7b6bbf4302233f52dd5a62118a64651b68 768d6993a264007ccbca64c24fdff161e57e54e26460953cab5ccbdf51096f56 Loading...

	mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2	ScriptElement	95 kB	2023-03-07	2025-07-09
Pretty URL mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-07-09 01:05 Times Seen141 Hash fcdee094e98d38fe380e1b5aad9bf444 d0ea8bb98673c7daa2da3af292eeea39a4f7479a ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488 Loading...

	mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/	ScriptElement	193 B	2023-05-27	2025-06-11
Pretty URL mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 13:08 Last Seen2025-06-11 21:33 Times Seen145 Hash 82455ac64431deea965cf4b1ffc05c92 9f35df08bd07430163df6795cb73e39c98848019 2b084b56d488c9519ac67d0da4aa9d1488d51fbb731ecf657cd231975213ed51 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c	ScriptElement	175 kB	2023-09-10	2023-09-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 02:02 Last Seen2023-09-10 02:02 Times Seen1 Hash d6d3b6dd246eb842d6a2c71ae5f0bfc4 6db0a9dafac47b79431e5816b8a5c558587283e7 53e5167a57a5bd5bcd8fca049ad4f05857fbcb7cbf0bf649cb7a943c7502b202 Loading...

HTTP Transactions (68)

URL IP Response Size

GET mycima9.wecima.watch/contents/avatars/50/1603596723.png

188.114.97.1

200 OK

843 B

URL GET HTTP/3
mycima9.wecima.watch/contents/avatars/50/1603596723.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
843 B (843 bytes)
Hash
f15a59cd9ed519c37d388a3349fad1ae
4e309604bb0d83712d9424e8ec9d4a40832a6fba
ab190b9e6dcf678843a1950b62258d3d1062481b947ade3183bcc1ef8cb9f212

HTTP Headers

GET /contents/avatars/50/1603596723.png HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: image/png
content-length: 843
last-modified: Sun, 25 Oct 2020 03:32:03 GMT
etag: "5f94f1b3-34b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 7148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV8aJyzg3VRnCsJFcVdekJ2kPHvzJ95B%2B8FvbNF2yRCQH7K41E4WqveBvANHOijCr3BznGzGb20CScPXZyHZ6OgNVejQrUHTx8Ajd4uncHI6C3Hj1A0bakkY0rH3%2Fbl0tp1SiKDq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f62984b524-OSL
alt-svc: h3=":443"; ma=86400

GET www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-6JHTFKY3P3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (3651)
Size
89 kB (89023 bytes)
Hash
fe98f801e335103a68a6adc02bda7399
740a355a55cbd7f2f1d143405ad69ffe13014ff4
cf03676c33c73486ad33e0076fe9cc72f17a7042646b99e46c4328dc62caab6d

HTTP Headers

GET /gtag/js?id=G-6JHTFKY3P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 10 Sep 2023 00:01:45 GMT
expires: Sun, 10 Sep 2023 00:01:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8488, version 1.0\012- data
Size
8.5 kB (8488 bytes)
Hash
b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 05:49:11 GMT
expires: Wed, 04 Sep 2024 05:49:11 GMT
cache-control: public, max-age=31536000
age: 411155
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10580, version 1.0\012- data
Size
11 kB (10580 bytes)
Hash
245d8f75ea8c5799e5de85a8a7bd4172
7f546a6c551e87bb224124789c11fdb2f6429479
2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Sep 2023 10:48:07 GMT
expires: Sat, 07 Sep 2024 10:48:07 GMT
cache-control: public, max-age=31536000
age: 134019
last-modified: Tue, 16 Jul 2019 03:31:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2

216.58.207.227

200 OK

8.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8948, version 1.0\012- data
Size
8.9 kB (8948 bytes)
Hash
3ca4aaa12ffa2e1f165db59f857ee5b0
1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa
d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Sep 2023 14:56:14 GMT
expires: Sun, 08 Sep 2024 14:56:14 GMT
cache-control: public, max-age=31536000
age: 32732
last-modified: Tue, 16 Jul 2019 03:31:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2

188.114.97.1

200 OK

42 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41560 bytes)
Hash
b4999cbb6a73a9b312f635cff75e5a53
c7b683fc72d06eac129185c3e60362f5c1adc2a8
736173659d4431b8a53a08aacc1bec3ad3a2f44df5209c09d76c265374698302

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/jquery-3.4.1.min.js?ver=6.2.2 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-157fb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvEyyC6xairX%2Bcjp63JAYTXLNDMhLfl2dxgHQwRSD2HZl1nx8ZWQX9gZJrfMb%2FNQg12vLYplAJMeYmkAFs6leNLRBmH4TJOGYBtpmi4eYxVuqzqafFGWUlsaFC8d441bJvJSXVdJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365f62988b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19984, version 1.0\012- data
Size
20 kB (19984 bytes)
Hash
0db10b5d1f471ef6c3a30158ff403106
ea993e87704687d1399a3b1fd79aa84c47659c82
e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a

HTTP Headers

GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Sep 2023 08:26:38 GMT
expires: Thu, 05 Sep 2024 08:26:38 GMT
cache-control: public, max-age=31536000
age: 315308
last-modified: Tue, 01 Sep 2020 03:51:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET wd.dimcarnie.com/r8HgeqFAdIlM23fZd/40334

23.109.82.75

200 OK

20 B

URL GET HTTP/1.1
wd.dimcarnie.com/r8HgeqFAdIlM23fZd/40334
IP
23.109.82.75:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectwd.dimcarnie.com
Fingerprint19:BB:8B:A1:17:71:B3:B7:55:F8:E6:94:62:96:A8:FE:D1:43:19:77
ValidityMon, 17 Jul 2023 13:13:51 GMT - Sun, 15 Oct 2023 13:13:50 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /r8HgeqFAdIlM23fZd/40334 HTTP/1.1
Host: wd.dimcarnie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mycima9.wecima.watch
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 11-Sep-2023 00:01:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjAC%2FAKJi1buM2WoQuvwDRiYJgjztjP3WeLd%2FG8SilOE7CdkFSFqXJTHk1xLkFPcNOCBw%2FdyPzuv6AZnJ%2FAs8euDU6yWhYf1z9g8zfIYn9x9pN14pZoxQfw2rbu7%2B5xuHY30KQJHEUzOIypAr00fl7rHdA%3D; expires=Mon, 11-Sep-2023 00:01:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET b.m2track.co/adb/zone/161.js?v=1.22

44.197.62.246

302 Found

0 B

URL GET HTTP/1.1
b.m2track.co/adb/zone/161.js?v=1.22
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adb/zone/161.js?v=1.22 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.madservs.com/js/zone.js
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET b.m2track.co/adb/zone/160.js?v=1.22

44.197.62.246

302 Found

0 B

URL GET HTTP/1.1
b.m2track.co/adb/zone/160.js?v=1.22
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adb/zone/160.js?v=1.22 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cdn.madservs.com/js/zone.js
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png

188.114.97.1

200 OK

3.5 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23header/netflix.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3533 bytes)
Hash
54110064037a44285faf10b2cbe55e87
b2677d46ed052bfda6eecbb61ee5539349f5603d
c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23header/netflix.png HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: image/png
content-length: 3533
last-modified: Sun, 22 Aug 2021 16:56:59 GMT
etag: "612281db-dcd"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsN3ncYDDvbX71jWklBhv0Q6%2FQQqJBPxWo50HGINIQom2sUZwGj41TMGPKSzis3kQtptPUnLlndgv%2FPL%2BJCWcS9IsSqUS1rdiCkaBM1Q0mPr6F5jPROP8O8TsaZ%2BrGuZjuOEd6oEjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f9db38b524-OSL
alt-svc: h3=":443"; ma=86400

GET mycima9.wecima.watch/wp-content/uploads/2020/01/Dunkirk-2017-360x520.jpg

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/uploads/2020/01/Dunkirk-2017-360x520.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x520, components 3\012- data
Size
23 kB (23250 bytes)
Hash
6ff3a3383dca553775e3390c319d0d22
d9c8025ef9bcf404a207656bbb493615088e1bf3
e0dc41f054c661d1e90d64840334dcec1ee5bada0dff7dba119e991fb4ee0dc7

HTTP Headers

GET /wp-content/uploads/2020/01/Dunkirk-2017-360x520.jpg HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: image/jpeg
content-length: 23250
last-modified: Sat, 08 Feb 2020 22:45:09 GMT
etag: "5e3f39f5-5ad2"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FzorILkI38RikVJJ531ZM1gD%2BkA5desPOSzVT4H4UIMUWfgyhHh465zIHl6zVWJexIbiyThC5VZtc9U8QZtlkCTT4dq%2FpbcQka5oocWNMqyc21JTNIpGkuQ8OFFgKruOc6de1DoRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f9cb35b524-OSL
alt-svc: h3=":443"; ma=86400

GET cdn.madservs.com/js/zone.js

151.139.128.11

200 OK

877 B

URL GET HTTP/2
cdn.madservs.com/js/zone.js
IP
151.139.128.11:443
ASN
#20446 STACKPATH-CDN

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectcdn.madservs.com
Fingerprint94:34:31:D6:17:9F:F7:89:4C:DC:13:31:66:E7:D7:1F:03:60:A9:0A
ValidityWed, 02 Aug 2023 22:53:07 GMT - Tue, 31 Oct 2023 22:53:06 GMT

File type
ASCII text, with very long lines (1531)
Size
877 B (877 bytes)
Hash
5feecf6ec1cc360c25e1a58fc54d9800
d161b7d24be0c3ab461bddd0e0b91ddc84ec6b42
ea741bfb8216c151ce5d8d86550a37b1380f34a7a7e80ac4c19872d76234348a

HTTP Headers

GET /js/zone.js HTTP/1.1
Host: cdn.madservs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-encoding: gzip
content-length: 877
content-type: application/javascript; charset=utf-8
last-modified: Tue, 23 May 2023 09:50:45 GMT
accept-ranges: bytes
server: nginx
etag: W/"646c8c75-5fc"
cache-control: max-age=172800, public
access-control-allow-origin: *
x-hw: 1694304106.cds242.sk1.hn,1694304106.cds210.sk1.c
X-Firefox-Spdy: h2

GET cdn.madservs.com/js/zone.js

151.139.128.11

200 OK

877 B

URL GET HTTP/2
cdn.madservs.com/js/zone.js
IP
151.139.128.11:443
ASN
#20446 STACKPATH-CDN

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectcdn.madservs.com
Fingerprint94:34:31:D6:17:9F:F7:89:4C:DC:13:31:66:E7:D7:1F:03:60:A9:0A
ValidityWed, 02 Aug 2023 22:53:07 GMT - Tue, 31 Oct 2023 22:53:06 GMT

File type
ASCII text, with very long lines (1531)
Size
877 B (877 bytes)
Hash
5feecf6ec1cc360c25e1a58fc54d9800
d161b7d24be0c3ab461bddd0e0b91ddc84ec6b42
ea741bfb8216c151ce5d8d86550a37b1380f34a7a7e80ac4c19872d76234348a

HTTP Headers

GET /js/zone.js HTTP/1.1
Host: cdn.madservs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-encoding: gzip
content-length: 877
content-type: application/javascript; charset=utf-8
last-modified: Tue, 23 May 2023 09:50:45 GMT
accept-ranges: bytes
server: nginx
etag: W/"646c8c75-5fc"
cache-control: max-age=172800, public
access-control-allow-origin: *
x-hw: 1694304106.cds242.sk1.hn,1694304106.cds210.sk1.c
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c

142.250.74.168

200 OK

64 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-128370636-1&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (2952)
Size
64 kB (64289 bytes)
Hash
d6d3b6dd246eb842d6a2c71ae5f0bfc4
6db0a9dafac47b79431e5816b8a5c558587283e7
53e5167a57a5bd5bcd8fca049ad4f05857fbcb7cbf0bf649cb7a943c7502b202

HTTP Headers

GET /gtag/js?id=UA-128370636-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 10 Sep 2023 00:01:46 GMT
expires: Sun, 10 Sep 2023 00:01:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js

173.233.137.44

200 OK

17 kB

URL GET HTTP/1.1
alteredyacht.com/5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectalteredyacht.com
Fingerprint90:14:CD:68:4B:DA:1E:77:58:9D:4F:9C:85:B4:EA:B0:87:F6:72:8B
ValidityTue, 22 Aug 2023 00:49:59 GMT - Mon, 20 Nov 2023 00:49:58 GMT

File type
ASCII text, with very long lines (40395)
Size
17 kB (16710 bytes)
Hash
73df32d5dcc937d0d8a65f30d21e1151
7ed698e087713b502fa89f3cdb2511a1702d3058
31d2831f455463c730432bbbcb66b5fe024cac1ef6fbb2b4db8908b84e57530f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5a/ab/22/5aab22948fc5f2edc2ca37dff2cd916f.js HTTP/1.1
Host: alteredyacht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_cf-2687=0; expires=Thu, 14 Sep 2023 04:01:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75264518bf8097ad7a3072a68e461991
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET b.m2track.co/adb/za/160.js?v=1&v=1.22&t=64fd076ac28f5c.96691454&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106761

44.197.62.246

200 OK

3.2 kB

URL GET HTTP/1.1
b.m2track.co/adb/za/160.js?v=1&v=1.22&t=64fd076ac28f5c.96691454&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106761
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1482)
Size
3.2 kB (3216 bytes)
Hash
df1a6f5f3805e0e2ca3f77178b6f1159
abb575aefac9643c1194a1a97f6027e37fadc772
ff53c4375dffb4e1414f10f8a55259237756b224041496303265bb4989027678

HTTP Headers

GET /adb/za/160.js?v=1&v=1.22&t=64fd076ac28f5c.96691454&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106761 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET b.m2track.co/adb/za/161.js?v=1&v=1.22&t=64fd076ab6c8b4.9023282&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106714

44.197.62.246

200 OK

3.2 kB

URL GET HTTP/1.1
b.m2track.co/adb/za/161.js?v=1&v=1.22&t=64fd076ab6c8b4.9023282&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106714
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1482)
Size
3.2 kB (3214 bytes)
Hash
97137d59bd07fb0967ef78532c0ab1a0
de55dbcc0d8d5bbe66fb6d7925cc4ce77742fa20
a9e1ca9dd210ab97c8bfc7834511afb9f98969752fe93c11e4e5a91f78de38bb

HTTP Headers

GET /adb/za/161.js?v=1&v=1.22&t=64fd076ab6c8b4.9023282&&referer=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&ct=1694304106714 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2

104.18.22.52

200 OK

105 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-brands-400.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104740, version 768.256\012- data
Size
105 kB (104740 bytes)
Hash
27ed7b486bfe3163c0d312b6d2aa9069
97cb3773774b591841557c859b0f1b4b1b1cde09
fb347c28258cfeeb9b0904c469d8049fcb2ad4d1bb5e4c9601e0edda3b76bb69

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: font/woff2
content-length: 104740
x-amz-id-2: Xk3QyLMcWZpcm9NOsmUjmgp00HdtPzB8hMyGI8I5TxI9J7YKZhbvK4fMl+9wca80n1nC4/iXTq4=
x-amz-request-id: EASQMPYM289KMEST
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "27ed7b486bfe3163c0d312b6d2aa9069"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 183631
accept-ranges: bytes
server: cloudflare
cf-ray: 804365fc4841b515-OSL
X-Firefox-Spdy: h2

GET site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2

104.18.22.52

200 OK

392 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-light-300.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 392136, version 768.256\012- data
Size
392 kB (392136 bytes)
Hash
2cb9262f4870f225de120af23500828a
0330732496c970248a96c6df732b4b6e8407246f
d9c0c73c3e6a75d59ff20ce5e1d4bdec5ee8c6f2724ff0deb6cddb8f7f207dbe

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-light-300.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: font/woff2
content-length: 392136
x-amz-id-2: tHr0yxOPSPnEHNia+JgMK6qpIwuxhaCL1J+ufAS0Jjy+nwrnQJkATzs9mbzjUmMWnIgp9Okze1w=
x-amz-request-id: EASH7ZFRYE221PXG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "2cb9262f4870f225de120af23500828a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 183631
accept-ranges: bytes
server: cloudflare
cf-ray: 804365fc4842b515-OSL
X-Firefox-Spdy: h2

GET site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2

104.18.22.52

200 OK

304 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-solid-900.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 303544, version 768.256\012- data
Size
304 kB (303544 bytes)
Hash
78863e0f6e65fbe6175866e6d5b6f18a
8cda0fc2a701bd6dcfaa94261178fa78df1d15de
82877c6d33c5d786db4815f756437c3e853e08bf8c6c267fd246760d2a96d029

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: font/woff2
content-length: 303544
x-amz-id-2: YWTu2+b6nl+lWd99HAhdGYU0frPuJ2Jue2vqhF7AeJZJbo67J4/iSZppolA/k+u+1hq6svlRcps=
x-amz-request-id: EASQNDNG9XM6FG07
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "78863e0f6e65fbe6175866e6d5b6f18a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 183631
accept-ranges: bytes
server: cloudflare
cf-ray: 804365fc584bb515-OSL
X-Firefox-Spdy: h2

GET professionalswebcheck.com/stats

52.57.147.240

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
52.57.147.240:443
ASN
#16509 AMAZON-02

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4a94d7ac9374e98558a848b6f96b702f
001de947c6ee5084ad3638bc1f8ec11084ffcd45
81fc0f5ebade9a6f97991bd9f43eb9bfa38d75c14202a6f9d0ad828b5a6487d1

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mycima9.wecima.watch
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=fa35a89a-ff77-4a1a-9475-d98545f8b760:1:1; expires=Wed, 07 Sep 2033 00:01:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2

104.18.22.52

200 OK

358 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/webfonts/fa-regular-400.woff2
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 357732, version 768.256\012- data
Size
358 kB (357732 bytes)
Hash
aca950cc283a103f77e0001fb67043b7
bf0d2965fbc75a8a23ca081c7094a95535d46ca6
d2d786476ddb1827a07bc0ac83e78cee6d262a16092b6064c166091132f09b65

HTTP Headers

GET /releases/v6.0.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: font/woff2
content-length: 357732
x-amz-id-2: TWIOE8F8SnCw7tHQSTLcC4gZsZbVIgsVMrqnGn5kX4LEDBPdHuY0o1PRpU40IM6YBBeybXa2mx8=
x-amz-request-id: EASVSNNMTH5Y4CZ9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 07 Feb 2022 20:26:45 GMT
etag: "aca950cc283a103f77e0001fb67043b7"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 183632
accept-ranges: bytes
server: cloudflare
cf-ray: 804365fce89cb515-OSL
X-Firefox-Spdy: h2

GET cdn.madservs.com/storage/uploads/1_1680163852453.png

151.139.128.11

200 OK

3.4 kB

URL GET HTTP/2
cdn.madservs.com/storage/uploads/1_1680163852453.png
IP
151.139.128.11:443
ASN
#20446 STACKPATH-CDN

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectcdn.madservs.com
Fingerprint94:34:31:D6:17:9F:F7:89:4C:DC:13:31:66:E7:D7:1F:03:60:A9:0A
ValidityWed, 02 Aug 2023 22:53:07 GMT - Tue, 31 Oct 2023 22:53:06 GMT

File type
PNG image data, 320 x 100, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3353 bytes)
Hash
a5499cf61e81dd4bd10ac7d0296815ae
12b7d3fc9f1c9ad6ce07802a866e554e31934215
185253bdf649d040ab6e230ac3046321ae60dbc355f866b2f304b80e01702257

HTTP Headers

GET /storage/uploads/1_1680163852453.png HTTP/1.1
Host: cdn.madservs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-length: 3353
content-type: image/png
last-modified: Thu, 30 Mar 2023 08:10:52 GMT
accept-ranges: bytes
server: nginx
etag: "6425440c-d19"
cache-control: max-age=172800, public
access-control-allow-origin: *
x-hw: 1694304107.cds242.sk1.hn,1694304107.cds210.sk1.c
X-Firefox-Spdy: h2

GET b.m2track.co/adb/zi/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9

44.197.62.246

200 OK

34 B

URL GET HTTP/1.1
b.m2track.co/adb/zi/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
b22157c4043910c5d040a4580744f1e4
72cbcc3bd16eb060bfee9c3b40a8defb212f4e1a
717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

HTTP Headers

GET /adb/zi/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET b.m2track.co/adb/zui/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9

44.197.62.246

200 OK

34 B

URL GET HTTP/1.1
b.m2track.co/adb/zui/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
b22157c4043910c5d040a4580744f1e4
72cbcc3bd16eb060bfee9c3b40a8defb212f4e1a
717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

HTTP Headers

GET /adb/zui/NTkxMDEzMzMtMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA1OGU=.js?data=ZmdjQTZ0NlZGU2xTRHEyZXQ5UTA2ODE4RmtuQWROeStlQXNZRGh1c2kwRHFQZGNwaVJ3TGpCaDRRK1BFTlZtWnVkc2pqbFhrUHBkU29CVURzbm9ZUEVvbStMcGIremNKNjQ5UVNoUG80MFU9 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400, public
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET mycima9.wecima.watch/wp-content/uploads/2020/01/Dunkirk-2017.jpg

188.114.97.1

200 OK

40 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/uploads/2020/01/Dunkirk-2017.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x650, components 3\012- data
Size
40 kB (39973 bytes)
Hash
53fc356f16917eb359240106be76e8ee
24540b54cd0db78cd87a2d5bd0b0b3678f503a57
f43dc3c7c7121bb29dd2cf1ffdaee36aaf6a0de4db68935426f0bc3d5e0e5bfd

HTTP Headers

GET /wp-content/uploads/2020/01/Dunkirk-2017.jpg HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106; ppu_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; cap160={"zi":{"v":1,"t":1694304107011},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; cap161={"zi":{"v":1,"t":1694304107014},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: image/jpeg
content-length: 39973
last-modified: Sat, 08 Feb 2020 22:47:28 GMT
etag: "5e3f3a80-9c25"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUhCemW4Be%2Fpnb9EEUYpozp%2F27aHjds05AOUnMKrnrPkJglqeIMYxBK6jUT9FdJnc3iS7xsLLYrXfJ5lZGg4oIRGIsvygnh7CYJ7HiQpZB96mzS%2BJLJXU6krcDVQ25aeTPho94xdWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365fe1d16b524-OSL
alt-svc: h3=":443"; ma=86400

GET b.m2track.co/adb/zui/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9

44.197.62.246

200 OK

34 B

URL GET HTTP/1.1
b.m2track.co/adb/zui/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
b22157c4043910c5d040a4580744f1e4
72cbcc3bd16eb060bfee9c3b40a8defb212f4e1a
717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

HTTP Headers

GET /adb/zui/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400, public
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET b.m2track.co/adb/zi/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9

44.197.62.246

200 OK

34 B

URL GET HTTP/1.1
b.m2track.co/adb/zi/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9
IP
44.197.62.246:443
ASN
#14618 AMAZON-AES

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerAmazon
Subjectm2track.co
Fingerprint0E:39:EF:ED:CC:9F:0E:48:79:15:6E:2D:2D:6F:26:F7:1E:BE:6F:08
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
b22157c4043910c5d040a4580744f1e4
72cbcc3bd16eb060bfee9c3b40a8defb212f4e1a
717ad9548beeb68612e9d6a0c0638f0c489429bf813e81b29af3181de0455c2e

HTTP Headers

GET /adb/zi/NTkxMDEzMzItMjk1MTkwMTMtMjAyMy0wOS0xMC0wMHw5MS45MC40Mi4xNTR8fDY0ZmQwNzZhZDA4ZGI=.js?data=MFdrZ2VCUmROVDZ2ekhhOXdWS2Nkb3BoaVBMTGppOWFsazgyeFFHajFhS2EwbG1CM2YxRGE5Zk0wOCtYdnJ0V2JGZjRhc1BxNXdTQlJZeVMyZE40KzJ2N3VPK3dOOGcrSXpkakVTVjE0K1k9 HTTP/1.1
Host: b.m2track.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 10 Sep 2023 00:01:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677

188.114.97.1

301 Moved Permanently

0 B

URL GET HTTP/3
mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: text/html; charset=UTF-8
location: https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
x-redirect-by: WordPress
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKeuqfmFL8pOsK%2BWh3i8VY5JUQi1sr5FY0v56sHGeK%2FTBVFCAD5%2FIMRfwgzdLRSOEAkORfpWz3faxMcWlYQ%2F4Lc8IhyhfJqMg4%2BpDGvZtgDI4b30t9mfHpMq504jRR9ehhP7N9K6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365fa2b5fb524-OSL
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js

104.17.24.14

200 OK

90 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/video.js/7.0.0/video.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65141)
Size
90 kB (89873 bytes)
Hash
32803413b97579648bb6d086fde72f08
8a7d229a24879f094e80b78e417c90d07cdc4f13
8636f49e04c3b2b95dbdc4bc2dfff6d5babbfd642eab954087deaa7c2c2fae11

HTTP Headers

GET /ajax/libs/video.js/7.0.0/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 89873
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942eda-15f11"
last-modified: Thu, 22 Jun 2023 11:22:02 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4409038
expires: Fri, 30 Aug 2024 00:01:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPTUUvFmFeZGxBBLltJjHpuAmRZMzcOKn4C0t4w3YMEMmj%2B3%2BirmjhO8AXnfIdHnN71JQzg2tVda83BxzwdocHZFOjjLld7f03ZlkuYiOlVd2J6bu7TfQALXEPzCLCxSLiv2VEFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 804365febf6b1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.5.1.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1694304107.dop013.sk1.t,1694304107.cds249.sk1.hn,1694304107.cds208.sk1.c
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=8451e9ab9c974d69875f94634160addb

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=8451e9ab9c974d69875f94634160addb
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
19edb73a135fd41841a3d16055c22bf0
f6da949fc99e1ccf8834732d3b220d85e50dc41a
1191a381ade4ab68300d0f230da4e507912c917a909e81c1990cba39cc40219a

HTTP Headers

GET /gid.js?userId=8451e9ab9c974d69875f94634160addb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mycima9.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8451e9ab9c974d69875f94634160addb; expires=Mon, 09 Sep 2024 00:01:47 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

104.16.123.175

200 OK

11 kB

URL GET HTTP/2
unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text
Size
11 kB (10704 bytes)
Hash
b671db9a73a06770313c1a05bcdc0b58
12280acce4192448e93e3b2ef9e1adf6c6eba94a
9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34

HTTP Headers

GET /videojs-flash@2.2.1/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
via: 1.1 fly.io
fly-request-id: 01H95T4E8TAPRENPM7W6299EV1-fra
cf-cache-status: HIT
age: 818070
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804366015e1f56cc-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET upgulpinon.com/1?z=4967771

139.45.197.242

404 Not Found

7 B

URL GET HTTP/2
upgulpinon.com/1?z=4967771
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectupgulpinon.com
FingerprintBF:64:6F:DF:55:B2:6B:1F:12:44:C8:89:7C:70:2A:0A:F0:4D:72:02
ValidityThu, 07 Sep 2023 18:37:51 GMT - Wed, 06 Dec 2023 18:37:50 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
3b66fb7a307f3ca29bd59b2f354055bd
d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4

HTTP Headers

GET /1?z=4967771 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Sun, 10 Sep 2023 00:01:48 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 9c783b681c9a5cd042618d8b5aa6fb8a
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Mon, 09 Sep 2024 00:01:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET banquetunarmedgrater.com/advertisers.js

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subject*.banquetunarmedgrater.com
FingerprintD9:F1:C8:4D:8E:F9:05:9D:D3:62:54:EE:E6:FA:28:C2:81:34:80:C2
ValidityTue, 01 Aug 2023 06:03:28 GMT - Mon, 30 Oct 2023 06:03:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 10 Sep 2023 00:01:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8d08d5cdca14dfcced08f5895b6641e
Strict-Transport-Security: max-age=0; includeSubdomains

GET cima57.upbaam.com/smforvio5yll/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4.html?Key=EcBwXuxrldWdALhho3hdhw&Expires=1694314906

104.21.22.216

302 Found

0 B

URL GET HTTP/2
cima57.upbaam.com/smforvio5yll/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4.html?Key=EcBwXuxrldWdALhho3hdhw&Expires=1694314906
IP
104.21.22.216:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintED:65:F5:50:3F:3A:58:D3:AA:2E:F8:77:27:57:FF:CB:6E:D4:49:BD
ValidityMon, 06 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smforvio5yll/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4.html?Key=EcBwXuxrldWdALhho3hdhw&Expires=1694314906 HTTP/1.1
Host: cima57.upbaam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 00:01:48 GMT
content-length: 0
location: https://cdnx4xv-12.cdnbom.org:82/d/nnrulrybbgeyf3tklaozf4iyof77cvewybqligttwuwjzs4wtuhuvbipyuyl2wxnoo3yvurt/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4
set-cookie: lang=english; domain=.cima57.upbaam.com; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTxkoD73kRx5S%2FE0xIrd1glMELJp7MIYQCYpxnn%2FrZK1vsl%2Bqb%2Fp8vR1NlMjIi0LM%2BJ0VQFc4QjgbwzoaYozM602W%2Bizys0j3MqFS3kpBdBWDTDo60KYjUPamubS0YhKmckfOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8043660599491c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

104.16.123.175

200 OK

8.5 kB

URL GET HTTP/2
unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4705), with no line terminators
Size
8.5 kB (8482 bytes)
Hash
98f1320ad97b9d00d843e72159ad5a41
4d112d6a9f1ccd8b9d8cc6e8656cc79286453a0b
85ea9da0a74f01fd6b4d7949be984a901049af62bf5d84208310f506dd3fab79

HTTP Headers

GET /@videojs/themes@1.0.1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 28 Oct 2020 04:24:35 GMT
etag: W/"1261-TREtap8czYudjMboZWzHkoZFOgs"
via: 1.1 fly.io
fly-request-id: 01H95W1476WMHN3D6AYEN66XFN-fra
cf-cache-status: HIT
age: 816081
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804366014e1b56cc-OSL
content-encoding: br
X-Firefox-Spdy: h2

POST eedsaung.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=8451e9ab9c974d69875f94634160addb

139.45.197.242

200 OK

7 B

URL POST HTTP/2
eedsaung.net/9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=8451e9ab9c974d69875f94634160addb
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjecteedsaung.net
Fingerprint39:1A:51:39:17:5B:6C:AA:21:3B:A2:96:D4:95:44:AB:8E:75:75:65
ValiditySun, 13 Aug 2023 02:55:57 GMT - Sat, 11 Nov 2023 02:55:56 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

POST /9?z=4807448&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&sah=1024&drf=&hil=1&ist=0&oaid=8451e9ab9c974d69875f94634160addb HTTP/1.1
Host: eedsaung.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 134
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Cookie: scm=1; OAID=9d741201d3e94d63812956182c049eb2; oaidts=1694304107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:48 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://mycima9.wecima.watch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 80cda3ff1dbcd200f21ee8f11feaf9b7
access-control-expose-headers: X-Sc
set-cookie: OAID=8451e9ab9c974d69875f94634160addb; expires=Mon, 09 Sep 2024 00:01:48 GMT; secure; SameSite=None
oaidts=1694304107; expires=Mon, 09 Sep 2024 00:01:48 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.96.1

301 Moved Permanently

5.7 kB

URL GET HTTP/2
wecima.tube/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint38:85:67:EA:CB:D5:AA:EA:AA:13:D8:8E:A0:F9:5E:3A:EC:0B:54:66
ValidityThu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
data
Size
5.7 kB (5654 bytes)
Hash
1a85eb31bd19467c5b67050103cbb106
6e250902546d110adf8d30c9fda9df1e6a82be88
b82a0d1d847e5825068a185c406f8322db2158962eb9245205daf75487649196

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: wecima.tube
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 10 Sep 2023 00:01:48 GMT
content-type: text/html
location: https://mycima9.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
cache-control: max-age=31536000
cf-cache-status: HIT
age: 734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B35n%2B%2FIqvTeRiEj0Z55p3rNXIczy0quedR5Ba7VrFY5ZeD1xfzgoMdx0fkmLRg%2FiyrPCsfwJ7FO9%2FuwrGWaaeqgpjHzDQW1F%2FtNtRsP87ix4AR0pXcGaSSZ92u4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80436605590756ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1461
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 10 Sep 2023 00:03:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mycima9.wecima.watch
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/Style/fonts.css

188.114.97.1

404 Not Found

265 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/Style/fonts.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
265 kB (264867 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/Style/fonts.css HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106; ppu_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; cap160={"zi":{"v":1,"t":1694304107011},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; cap161={"zi":{"v":1,"t":1694304107014},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRtQXC9k5M4ZnFa%2B8eS3csey4ZgaYyDknz9ogJpdmQGCVdEpi4170QW9L9XsldIRG5vJlWH%2Bt%2FjKBW3s3Bh5tJnHfRcVUV1B2OfQO7CxG6baZ0wyQwnOJ%2Fk4%2FLJTENyaCjp3VBkP3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365fdfd0bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/js/vidjs-2.js

188.114.97.1

200 OK

27 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/js/vidjs-2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
27 kB (27283 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/js/vidjs-2.js HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106; ppu_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; cap160={"zi":{"v":1,"t":1694304107011},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; cap161={"zi":{"v":1,"t":1694304107014},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Jun 2023 18:43:27 GMT
etag: W/"647f7e4f-6a93"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3szrL%2BqoE3HSJZftBaTyFzBFLUn1PPRg0VJbg8SDo3U5W%2BBqKRt8p82bsBm3ufCRUWEfAmI33EAY%2FU3tCzM9yfcpiqW42Bb%2BXwa9uUwc9twLLy7He4LXkUSUoLs3ptzJ1vs8hkpZKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365fdfd0eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET unpkg.com/videojs-flash/dist/videojs-flash.js

104.16.123.175

302 Found

39 kB

URL GET HTTP/2
unpkg.com/videojs-flash/dist/videojs-flash.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
39 kB (39407 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H9Y5SABRZ5N882DSBPNMX6FJ-fra
cf-cache-status: HIT
age: 545
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804365fe4d1256cc-OSL
X-Firefox-Spdy: h2

GET cdnx4xv-12.cdnbom.org:82/d/nnrulrybbgeyf3tklaozf4iyof77cvewybqligttwuwjzs4wtuhuvbipyuyl2wxnoo3yvurt/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4

194.110.207.42

206 Partial Content

7.7 MB

URL GET HTTP/1.1
cdnx4xv-12.cdnbom.org:82/d/nnrulrybbgeyf3tklaozf4iyof77cvewybqligttwuwjzs4wtuhuvbipyuyl2wxnoo3yvurt/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4
IP
194.110.207.42:82
ASN
#0

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerGlobalSign nv-sa
Subject*.cdnbom.org
FingerprintEC:D5:37:CD:2F:5C:62:AA:34:B1:84:D4:2C:D4:DF:C3:0A:01:E2:A0
ValidityThu, 05 Jan 2023 11:45:51 GMT - Tue, 06 Feb 2024 11:45:50 GMT

File type

Size
7.7 MB (7667316 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /d/nnrulrybbgeyf3tklaozf4iyof77cvewybqligttwuwjzs4wtuhuvbipyuyl2wxnoo3yvurt/Dunkirk.2017.1080p.BluRay.MyCima.TV.mp4 HTTP/1.1
Host: cdnx4xv-12.cdnbom.org:82
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 09 Sep 2023 23:59:23 GMT
Content-Type: application/octet-stream
Content-Length: 1658725975
Last-Modified: Sun, 27 Aug 2023 00:39:43 GMT
Connection: close
Content-Disposition: attachment
ETag: "64ea9b4f-62de2657"
Content-Range: bytes 0-1658725974/1658725975

GET asnincadar.com/400/5097541

139.45.197.242

200 OK

84 kB

URL GET HTTP/2
asnincadar.com/400/5097541
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectasnincadar.com
FingerprintDA:F0:A4:F4:07:DF:60:E2:DA:A0:4E:15:FF:29:97:AD:B7:06:E6:9B
ValidityMon, 04 Sep 2023 11:12:44 GMT - Sun, 03 Dec 2023 11:12:43 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84127 bytes)
Hash
60d921047ab177d55c8a42810cccb693
ac65523fccefdfe04c1d47ded016f09858b95b3a
2d9271c516bf94908fca79d81963fc422ba228b764a50e4c9aec137bb831fbdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/5097541 HTTP/1.1
Host: asnincadar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript
x-trace-id: fe28580f5015396e513fe8f72ab6e0e2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=3d5936673bc243d3b6c737170da315b0; expires=Mon, 09 Sep 2024 00:01:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET unpkg.com/@videojs/themes@1/dist/forest/index.css

104.16.123.175

302 Found

4.7 kB

URL GET HTTP/2
unpkg.com/@videojs/themes@1/dist/forest/index.css
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
4.7 kB (4705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@videojs/themes@1/dist/forest/index.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@videojs/themes@1.0.1/dist/forest/index.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H9Y5ZMV7F96WJ88KCFE3P955-fra
cf-cache-status: HIT
age: 338
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804365fe3d1056cc-OSL
X-Firefox-Spdy: h2

GET mycima9.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2

188.114.97.1

200 OK

291 B

URL GET HTTP/3
mycima9.wecima.watch/wp-includes/css/classic-themes.min.css?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
ASCII text, with no line terminators
Size
291 B (291 bytes)
Hash
2485a0fab337da61deb41cc4aa994c1b
af1a1d4c6b7c287dc881dd4f46b6b547ac5a5353
7e0bdafc01d81aed845a69d0a32120145155f75aca4c603d8952de7ecc5c6410

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=6.2.2 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 18:55:51 GMT
etag: W/"64822437-123"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCHiDvXoZp01dIiZzdWau8I2X8JShBPo34najlmekdjfUpJ41Fn7KIXOrBWyhIHIqniTbMOY21B3mkQk%2BwR0%2BvlW2N3%2BGE5N4iA7YS05Ej6BnM89qEMC4CUkhx4uMwD4xSVnw435nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365f62980b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET dubzenom.com/?rb=4G3Beypjt222ybF0tIt_OLRdqYRJ3i3K_2vCcqAKz191iYtdjcOb82N7a-nA5EbVAyOLKVJbREEIqSkk9I6XyaOO5t2djp4FVKliCo2AeTfEjgmD2ROQhP2PsGtLqTz98WLK3-xZ4vUiYxaFPSdu8JQp3xFSXlTqPqJP-uyDQ4ff1bDEw-YS9n-ffW2Ph4uNSmwNPGHUYtnjZM8bHtsOwDdPiJR1_RsVsCukAQ%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.598.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.598.1-auto&bs=e120325a-9239-48cb-91eb-0f1f1ea25ea4&userId=8451e9ab9c974d69875f94634160addb&m=link

139.45.197.245

200 OK

1.6 kB

URL GET HTTP/2
dubzenom.com/?rb=4G3Beypjt222ybF0tIt_OLRdqYRJ3i3K_2vCcqAKz191iYtdjcOb82N7a-nA5EbVAyOLKVJbREEIqSkk9I6XyaOO5t2djp4FVKliCo2AeTfEjgmD2ROQhP2PsGtLqTz98WLK3-xZ4vUiYxaFPSdu8JQp3xFSXlTqPqJP-uyDQ4ff1bDEw-YS9n-ffW2Ph4uNSmwNPGHUYtnjZM8bHtsOwDdPiJR1_RsVsCukAQ%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.598.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.598.1-auto&bs=e120325a-9239-48cb-91eb-0f1f1ea25ea4&userId=8451e9ab9c974d69875f94634160addb&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectdubzenom.com
FingerprintB4:A2:7A:7C:28:7D:21:81:28:0D:43:28:55:83:62:AB:A7:E8:B5:4B
ValidityTue, 05 Sep 2023 14:16:13 GMT - Mon, 04 Dec 2023 14:16:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1667), with no line terminators
Size
1.6 kB (1649 bytes)
Hash
015bc2cd756d01c00e67cf6b6e972615
883995a2f1eb5ea1adf9cc4059a80eb705db3e1d
bdabfc291da071e5a67ad7d47a5c78fab06c2781e566e5990d7bf52102494927

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=4G3Beypjt222ybF0tIt_OLRdqYRJ3i3K_2vCcqAKz191iYtdjcOb82N7a-nA5EbVAyOLKVJbREEIqSkk9I6XyaOO5t2djp4FVKliCo2AeTfEjgmD2ROQhP2PsGtLqTz98WLK3-xZ4vUiYxaFPSdu8JQp3xFSXlTqPqJP-uyDQ4ff1bDEw-YS9n-ffW2Ph4uNSmwNPGHUYtnjZM8bHtsOwDdPiJR1_RsVsCukAQ%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.598.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fmycima9.wecima.watch%2Fwatch%2F%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A%25D9%2584%25D9%2585-dunkirk-2017-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.598.1-auto&bs=e120325a-9239-48cb-91eb-0f1f1ea25ea4&userId=8451e9ab9c974d69875f94634160addb&m=link HTTP/1.1
Host: dubzenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Cookie: OAID=8451e9ab9c974d69875f94634160addb; oaidts=1694304106
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/json
x-trace-id: aded36946a82ad99740aefa01c28ab36
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mycima9.wecima.watch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8451e9ab9c974d69875f94634160addb; expires=Mon, 09 Sep 2024 00:01:47 GMT; path=/; secure; SameSite=None
oaidts=1694304107; expires=Mon, 09 Sep 2024 00:01:47 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 17 Sep 2023 00:01:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET sculpturelooking.com/pixel/purst?dl=0&th=0&sc=0&rs=1489&rd=1489&fd=888&bv=23.9.v.1&tmpl=70

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
sculpturelooking.com/pixel/purst?dl=0&th=0&sc=0&rs=1489&rd=1489&fd=888&bv=23.9.v.1&tmpl=70
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectsculpturelooking.com
FingerprintBA:6B:BF:AC:00:49:7F:46:F6:C1:5E:B2:5B:53:D5:26:BF:5D:E1:1E
ValidityFri, 08 Sep 2023 01:50:01 GMT - Thu, 07 Dec 2023 01:50:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1489&rd=1489&fd=888&bv=23.9.v.1&tmpl=70 HTTP/1.1
Host: sculpturelooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 10 Sep 2023 00:01:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
95 kB (95124 bytes)
Hash
fcdee094e98d38fe380e1b5aad9bf444
d0ea8bb98673c7daa2da3af292eeea39a4f7479a
ab97310577a6474ae4b0bd9bb8ef5267698bb9fa61127cb358d4512676d90488

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/owl.carousel.min.js?ver=6.2.2 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 22 Aug 2021 16:57:00 GMT
etag: W/"612281dc-17394"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GVaAy7o0dCIcfYDvTQTNFobjIWG%2FbbgicO1RAD%2B0%2BQu6Do9gLnk88kehtC4PeKCu9ajwU2E3E8NOfNVOM7t4Ruov5AO%2F9URLmYUu6iJqf3e%2FxGfpoBmdlVsqDlpU0ju7EmjV7Psjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365f62989b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET eedsaung.net/27/070415381a10b3075162cd0e38d81666

139.45.197.242

200 OK

413 kB

URL GET HTTP/2
eedsaung.net/27/070415381a10b3075162cd0e38d81666
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjecteedsaung.net
Fingerprint39:1A:51:39:17:5B:6C:AA:21:3B:A2:96:D4:95:44:AB:8E:75:75:65
ValiditySun, 13 Aug 2023 02:55:57 GMT - Sat, 11 Nov 2023 02:55:56 GMT

File type
ASCII text, with very long lines (65523)
Size
413 kB (412662 bytes)
Hash
94339aa44b4511531dcb4660501db608
ca8df2ebb99346d5e933c734d9189197c9f2715f
3820310916466a4b86c1de8114ec8cfe8f8a259c121104587219e7d84f84b84f

HTTP Headers

GET /27/070415381a10b3075162cd0e38d81666 HTTP/1.1
Host: eedsaung.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Cookie: scm=1; OAID=9d741201d3e94d63812956182c049eb2; oaidts=1694304107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 3c33c90a3da3b0b72638c4a51ffe6fef
cache-control: max-age:290304000, public
last-modified: Mon, 04 Sep 2023 08:40:46 GMT
expires: Mon, 04 Oct 2083 08:40:46 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

GET site-assets.fontawesome.com/releases/v6.0.0/css/all.css

104.18.22.52

200 OK

466 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.0.0/css/all.css
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65360)
Size
466 kB (465728 bytes)
Hash
c8ccf9786058107114b343d52efb40bc
f690727a3f4aede7f2287320db4a07874381c10c
7ef19507353beb14a0415f80892c79742e8bd5072cfafd0e8806b12baeb7ef2d

HTTP Headers

GET /releases/v6.0.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: text/css
x-amz-id-2: 337fVZ4ZdAKxyzLnKE2d+X71JOK4Oe9XxTBYW44KQJLUzI1Pgj+HvUUa7hlvsA8Uwn/cBkw1fX0=
x-amz-request-id: G4RKZP5PY830TVGW
last-modified: Mon, 07 Feb 2022 20:23:49 GMT
etag: W/"c8ccf9786058107114b343d52efb40bc"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 18833556
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365fa6e7956aa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET eedsaung.net/1?z=4807448

139.45.197.242

200 OK

43 kB

URL GET HTTP/2
eedsaung.net/1?z=4807448
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjecteedsaung.net
Fingerprint39:1A:51:39:17:5B:6C:AA:21:3B:A2:96:D4:95:44:AB:8E:75:75:65
ValiditySun, 13 Aug 2023 02:55:57 GMT - Sat, 11 Nov 2023 02:55:56 GMT

File type
ASCII text, with very long lines (41880)
Size
43 kB (42921 bytes)
Hash
7f86548d58c21adfafd3201b857886e0
524b375d990861a822ce2c9730fda4d4b9bd2f19
7ab642f3cf4f7d0683a286a06aaff442fd5b4b35b54adb32feb846c95d411be2

HTTP Headers

GET /1?z=4807448 HTTP/1.1
Host: eedsaung.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 3420d702a4c173946242ba8c5d55570e
access-control-expose-headers: X-Sc
x-sc: 1B-MkpFl9sJg54-UkcjWKT0IXY2AEkF9uTLb2JCEuKQNzdmbokUchcx_z3PLroRJuMqCHE0Rd2_t_LYjHbRf-6ZBhHk=
set-cookie: scm=1; expires=Mon, 09 Sep 2024 00:01:47 GMT; secure; SameSite=None
OAID=9d741201d3e94d63812956182c049eb2; expires=Mon, 09 Sep 2024 00:01:47 GMT; secure; SameSite=None
oaidts=1694304107; expires=Mon, 09 Sep 2024 00:01:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET mycima9.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/uploads/2023/02/wecima-favicon-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
PNG image data, 271 x 211, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5499 bytes)
Hash
de6cab0eb34528ddc75c0bba91468367
805566b4421a52ccbc7ddea87282ce4df241f64e
ab33b59200764ca718a5f977d0eccf57c27d02560c59ba3a9b12af1819b1f7fa

HTTP Headers

GET /wp-content/uploads/2023/02/wecima-favicon-1.png HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106; cap160={"zi":{"v":1,"t":1694304107011},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; cap161={"zi":{"v":1,"t":1694304107014},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; prefetchAd_4796941=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:48 GMT
content-type: image/png
content-length: 5499
last-modified: Mon, 13 Feb 2023 20:21:20 GMT
etag: "63ea9bc0-157b"
vary: Accept, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQG%2FOP19UJ7h2RTSP6Ry65OQFhSFzoTyhPzTUwWovBVTy0N4moODk0o3smjnc7PsasYY7MAgbjH3Sz35b101pQ17gnKrVkMaNu4NUaWiSwYbkD%2FCIVojD7BisWZGnNHI06YEi8glxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80436606fa47b524-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

216.58.207.227

200 OK

9.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9864, version 1.0\012- data
Size
9.9 kB (9864 bytes)
Hash
9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

HTTP Headers

GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Sep 2023 10:28:09 GMT
expires: Sat, 07 Sep 2024 10:28:09 GMT
cache-control: public, max-age=31536000
age: 135217
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tzegilo.com/stattag.js

172.64.137.24

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.64.137.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint42:15:A6:1F:C2:2C:D5:FF:32:2C:B9:6C:84:A6:86:63:B0:45:C5:20
ValidityMon, 07 Aug 2023 17:09:01 GMT - Sun, 05 Nov 2023 17:09:00 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:48 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5168
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BNgGwXTIcsBh2BGxCuaeugU86Ngw61DgXpaVTJrfvD0RfrmNf50vSLnrMnXUeStQEv6vS5cPwBMYkhWeh6Wu4dsutDGFs139q1F2VqADzTUfTshqYxr1UohEodyWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804366035da77753-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET inklinkor.com/tag.min.js

172.67.211.29

200 OK

80 kB

URL GET HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectinklinkor.com
FingerprintF9:E2:87:BB:45:BD:69:84:B8:1A:2C:23:70:4D:BE:9E:4F:00:3C:F6
ValidityFri, 25 Aug 2023 12:55:35 GMT - Thu, 23 Nov 2023 12:55:34 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
80 kB (79892 bytes)
Hash
c24ca6331005f0f3a13b4c73436360c9
5a480621b67be51f4c86d8229c9f9b7b88421ad3
04aa8c8fd08ed9b9b26e66314da286da6bdda7131cb826cbd0855a475acac295

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 17a26b2b982d02ca89dfa5d7727fb0ee
cache-control: max-age=86400
last-modified: Tue, 05 Sep 2023 20:27:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 10 Sep 2023 23:22:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T97OHZBF2MJRefvmoFJOuBV2CpK8bKdxiQS%2BnVlVZIV8c39s9Yrk%2Buo7lAncoISuT6W7CWysAo9LYqTYSIqS4Bj04fzV%2BoY2RS%2BRSuXTfo6N5gejp4GUmzqpSRSNqA9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365f94b26b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

104.16.123.175

200 OK

717 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
717 kB (717184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
via: 1.1 fly.io
fly-request-id: 01H95W5S54NNYJA6300RNRJJJ4-fra
cf-cache-status: HIT
age: 815928
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804366015e1d56cc-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET mycima9.wecima.watch/AjaxCenter/RightBar/

188.114.97.1

200 OK

86 kB

URL GET HTTP/3
mycima9.wecima.watch/AjaxCenter/RightBar/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85815 bytes)
Hash
b08564c9a5ddc34aa4a7616ab999c7b0
3ead59ccc4aa223986179089b50b7c2a000de5f4
5d00bec55ee76caa48bb222183624eec5c572c442c27a1821b09c24ead037556

HTTP Headers

GET /AjaxCenter/RightBar/ HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106; ppu_show_on_5aab22948fc5f2edc2ca37dff2cd916f=1; cap160={"zi":{"v":1,"t":1694304107011},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; cap161={"zi":{"v":1,"t":1694304107014},"zc":{"v":0,"t":null},"ac":{"i":1,"c":0,"t":null},"c":{"1300":{"i":0,"c":0,"t":null}}}; ppu_main_5aab22948fc5f2edc2ca37dff2cd916f=1; ppu_exp_5aab22948fc5f2edc2ca37dff2cd916f=1694307707493; dom3ic8zudi28v8lr6fgphwffqoz0j6c=fa35a89a-ff77-4a1a-9475-d98545f8b760%3A1%3A1; prefetchAd_4796941=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:49 GMT
content-type: application/json
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yznB%2Fl4O9BmgtrgBdGDsRCNEu5xPd01ll6rcckqYia7iKO7B%2FaVzpb1yw51KLewskmvkOkQ3qKTPgxPMQJflxgP3nMX3amShqimjzIpDUa8Efv4QMaV%2Fni%2F9P7lgQr5EagJHcjNpMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8043660b3c01b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/

188.114.97.1

200 OK

351 kB

URL User Request GET HTTP/3
mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
351 kB (351444 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://mycima9.wecima.watch/xmlrpc.php
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvca0SX4BVPzeHHEjxHGukr7mAmE%2BRIustAGUUvpDtWdCSGPD1LAljGuvkAj732Iqay6hrpFW6mNts0Ntb3LdkiifEF9f0arSEO0LKn%2BL8XoB1Jjg%2BokDfKey2J%2FiKTma4baeiv1aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f3387eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js

104.16.123.175

302 Found

717 kB

URL GET HTTP/2
unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
717 kB (717184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Sep 2023 00:01:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H9Y5ZMWN4960AY80G79ZYZ1R-fra
cf-cache-status: HIT
age: 338
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 804365fe4d1156cc-OSL
X-Firefox-Spdy: h2

POST mycima9.wecima.watch/insights.php

188.114.97.1

200 OK

35 B

URL POST HTTP/3
mycima9.wecima.watch/insights.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
6b652cac01878c3fd56eb6144f8ec758
2fb0dbad10a7c55b807ebc198e20ed61e8e1569f
95eff1092198a47f11a7261d5419945c9b7745f457589fc3c9f1cbac4cd5fe95

HTTP Headers

POST /insights.php HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 12
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: application/json
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtA4XEAhKx9fO4%2B%2BQBj65zvI23iFGtmahRbjD2gDk4qis0cfp8QWM9wg%2FVPWVGqwpX31tgDrrcWOB5dJ4WISuCedn1Pi40Cx%2Beqe5hA4IPL6SsVndG5M%2B5%2FkLNEA7MFNk08qKtvp9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f8fadfb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET dubzenom.com/5/4796941/?oo=1&js_build=iclick-v1.598.1-auto

139.45.197.245

200 OK

2.8 kB

URL GET HTTP/2
dubzenom.com/5/4796941/?oo=1&js_build=iclick-v1.598.1-auto
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerLet's Encrypt
Subjectdubzenom.com
FingerprintB4:A2:7A:7C:28:7D:21:81:28:0D:43:28:55:83:62:AB:A7:E8:B5:4B
ValidityTue, 05 Sep 2023 14:16:13 GMT - Mon, 04 Dec 2023 14:16:12 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3072), with no line terminators
Size
2.8 kB (2832 bytes)
Hash
e337b28fbc4b299574715a53a0df70c3
33e4b45e617c99f09f2847fce1a93cfabe88e47b
bc937e80a6422da8c8cf3c895973031f6f83dd441b2186a1edd57845735e5a18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/4796941/?oo=1&js_build=iclick-v1.598.1-auto HTTP/1.1
Host: dubzenom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycima9.wecima.watch
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: application/json
x-trace-id: cbfb58e21d4a1ae4d1f89d9732ac71fb
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mycima9.wecima.watch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8451e9ab9c974d69875f94634160addb; expires=Mon, 09 Sep 2024 00:01:46 GMT; path=/; secure; SameSite=None
oaidts=1694304106; expires=Mon, 09 Sep 2024 00:01:46 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

188.114.97.1

200 OK

1.1 MB

URL GET HTTP/3
mycima9.wecima.watch/run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
1.1 MB (1077167 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /run/9e2151216e4082eae0acf5145efabe3a67de7deb53e3104d14a08de5c42d023d3d51ace4589f0af0b00c8eefab30643a8b7641cbde3d49f89c7c77ca2cdeca5c73231e65a9f0b4c015c0f3359c64850e63069/?Key=HQceaU-aQNMH1jQunMEwNw&Expires=1694314677 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
DNT: 1
Connection: keep-alive
Cookie: _ga_6JHTFKY3P3=GS1.1.1694304106.1.0.1694304106.0.0.0; _ga=GA1.1.425629549.1694304106
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: text/html; charset=UTF-8
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d137dB6a%2Fi8SjxepeQZ5SPEoUpNMaEZMwC0b0KKjTUw0MY5l%2FMib33lf7zVuDmQqGj6c8D4sy5IUTH7F4rnow%2BCgVeQIe5ifZ6C%2FN%2BYeeNQpx5T%2FKHGyvljTTDEVMm%2FjvIBnWuMJpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365fb9be2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET mycima4.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/

188.114.97.1

301 Moved Permanently

351 kB

URL User Request GET HTTP/2
mycima4.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
351 kB (351444 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ HTTP/1.1
Host: mycima4.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 10 Sep 2023 00:01:45 GMT
content-type: text/html
location: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1EL7d5CWrliinQnP9ne%2FVeBVoe756g3v4kYXhsCZ9RmllAEG8lkYAYpVP8M0eFOLo4yXA2nHtd5Lkl2CFSDuBwfk7hLRsiwVgEerJmr0vqK%2BecWz0GD3atP2b%2BAom2z3mKfwidXLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804365f29fa456a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?2064532023&ver=6.2.2

188.114.97.1

200 OK

153 kB

URL GET HTTP/3
mycima9.wecima.watch/wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?2064532023&ver=6.2.2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Certificate
IssuerGoogle Trust Services LLC
Subjectwecima.watch
Fingerprint2D:52:53:72:00:3E:0D:E6:35:90:69:49:F1:F5:2B:78:AF:90:28:1B
ValiditySat, 29 Jul 2023 11:15:37 GMT - Fri, 27 Oct 2023 11:15:36 GMT

File type

Size
153 kB (152752 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/Mycima2021/components/packs/%23footer/js/setup.js?2064532023&ver=6.2.2 HTTP/1.1
Host: mycima9.wecima.watch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mycima9.wecima.watch/watch/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%81%D9%8A%D9%84%D9%85-dunkirk-2017-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 10 Sep 2023 00:01:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Feb 2023 19:31:57 GMT
etag: W/"63ea902d-254b0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jokuK72mVMFT%2B7mnQ2UP9cmpGluN8%2BRqqLF6qfnVyaZ6ywB0sa%2F2A%2F0nQFjlVOzI4aawTo3IrXMClaAG7tc1A%2FdCE7N4xGf7maH4dDnHFJtRR16H15IEw%2Fsq1aS1yC473vWvA9zd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 804365f6398eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash