Overview

URL dramacool9.co/
IP104.21.51.232
ASNCLOUDFLARENET
Location
Report completed2022-09-28 16:32:37 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-28 2 fleraprt.com Sinkholed
2022-09-28 2 goomaphy.com Sinkholed
2022-09-28 2 goomaphy.com Sinkholed
2022-09-28 2 goomaphy.com Sinkholed
2022-09-28 2 goomaphy.com Sinkholed


Files

No files detected



Passive DNS (44)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-28 07:56:21 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS c.statcounter.com (1) 7772 2016-04-06 11:04:27 UTC 2022-09-28 05:22:54 UTC 104.20.229.67
mnemonic passive DNS ads.pubmatic.com (1) 469 2012-10-30 07:42:53 UTC 2022-09-28 04:52:22 UTC 23.38.200.201
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-28 11:52:43 UTC 142.250.74.98
mnemonic passive DNS cdn.1vag.com (1) 48829 2021-02-10 15:12:50 UTC 2022-09-28 14:22:24 UTC 45.133.44.25
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 11:00:28 UTC 143.204.55.27
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-28 13:14:04 UTC 172.64.155.188
mnemonic passive DNS jsc.adskeeper.com (3) 31191 2020-07-04 10:58:29 UTC 2022-09-28 06:06:03 UTC 104.18.4.42
mnemonic passive DNS securepubads.g.doubleclick.net (1) 190 2013-05-31 04:19:39 UTC 2022-09-28 05:37:46 UTC 216.58.207.194
mnemonic passive DNS cdn.uponelectabuzzor.club (4) 0 2022-03-10 06:30:29 UTC 2022-09-28 16:08:09 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS cdn.itskiddoan.club (2) 24539 2021-09-23 10:55:49 UTC 2022-09-28 07:57:26 UTC 139.45.197.236
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-28 12:03:19 UTC 139.45.195.8
mnemonic passive DNS lb.eu-1-id5-sync.com (3) 0 2022-06-06 12:52:22 UTC 2022-09-28 04:57:20 UTC 141.95.98.66 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-28 11:46:46 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-09-28 16:15:39 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 52.41.98.34
mnemonic passive DNS eced49d8e5.20e2b2c425.com (2) 0 2022-09-26 01:35:14 UTC 2022-09-28 07:57:29 UTC 162.55.139.130 Unknown ranking
mnemonic passive DNS js.wpadmngr.com (2) 25762 2021-06-02 14:43:46 UTC 2022-09-28 10:08:28 UTC 45.133.44.24
mnemonic passive DNS rtbrennab.com (1) 0 2022-04-20 15:49:10 UTC 2022-09-28 07:57:34 UTC 159.69.163.6 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-28 05:34:56 UTC 104.17.24.14
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-28 14:54:21 UTC 142.250.74.174
mnemonic passive DNS id5-sync.com (3) 504 2017-01-25 21:02:34 UTC 2022-09-28 04:37:15 UTC 162.19.138.82
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-28 07:56:20 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS platform.bidgear.com (3) 30367 2018-11-15 19:45:56 UTC 2022-09-28 08:17:36 UTC 104.26.2.107
mnemonic passive DNS js.cabnnr.com (1) 37463 2021-08-30 12:50:21 UTC 2022-09-28 07:57:22 UTC 45.133.44.25
mnemonic passive DNS r3.o.lencr.org (18) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS 192d42a802.20e2b2c425.com (1) 0 2022-09-25 03:31:30 UTC 2022-09-28 07:01:26 UTC 45.133.44.25 Unknown ranking
mnemonic passive DNS s-img.adskeeper.com (5) 13551 2020-05-01 09:37:09 UTC 2022-09-28 08:15:14 UTC 104.18.5.42
mnemonic passive DNS fp.metricswpsh.com (2) 0 2022-04-22 11:20:32 UTC 2022-09-28 10:08:29 UTC 157.90.84.244 Unknown ranking
mnemonic passive DNS goomaphy.com (4) 0 2022-07-22 19:39:03 UTC 2022-09-28 08:49:08 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS notification.tubecup.net (1) 8210 2019-08-30 09:36:01 UTC 2022-09-28 16:00:27 UTC 138.201.236.216
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-28 04:39:06 UTC 64.233.165.154
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS imp9.bidgear.com (3) 34078 2021-03-15 11:09:09 UTC 2022-09-28 08:17:36 UTC 104.26.2.107
mnemonic passive DNS rhombicsomeday.com (1) 0 2022-05-14 08:11:12 UTC 2022-09-28 07:57:09 UTC 172.255.6.16 Unknown ranking
mnemonic passive DNS cdn.adskeeper.co.uk (1) 25177 2015-04-14 15:24:15 UTC 2022-09-28 15:43:40 UTC 104.18.26.174
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-28 04:36:33 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS btds.zog.link (1) 38469 2019-10-07 21:35:03 UTC 2022-09-28 07:57:38 UTC 109.206.163.112
mnemonic passive DNS www.statcounter.com (1) 11621 2013-07-16 09:44:13 UTC 2022-09-28 13:32:15 UTC 104.20.229.67
mnemonic passive DNS dramacool9.co (2) 134703 2019-12-21 16:57:55 UTC 2022-09-28 08:07:23 UTC 172.67.190.162
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.25


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.51.232

Date UQ / IDS / BL URL IP
2022-12-04 11:14:06 +0000
0 - 0 - 14 www.dramacool9.co/200-pounds-beauty-episode-1/ 104.21.51.232
2022-09-28 16:32:37 +0000
0 - 0 - 5 dramacool9.co/ 104.21.51.232

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 23:33:52 +0000
0 - 0 - 6 olyeql.codesandbox.io/?wc=benjamin.benita@slu (...) 104.18.6.114
2022-12-09 23:32:36 +0000
0 - 0 - 4 wood-owl.com/ 188.114.97.1
2022-12-09 23:31:45 +0000
0 - 0 - 4 tusfiles.com/ofldynb88mzq 172.67.138.108
2022-12-09 23:30:15 +0000
0 - 0 - 3 freshworldnews.pro/u7y8V5dS 104.21.18.56
2022-12-09 23:29:28 +0000
0 - 0 - 7 olyeql.codesandbox.io/?wc=adam.flint@slurpmail.net 104.18.6.114

Last 5 reports on domain: dramacool9.co

Date UQ / IDS / BL URL IP
2022-12-04 11:14:06 +0000
0 - 0 - 14 www.dramacool9.co/200-pounds-beauty-episode-1/ 104.21.51.232
2022-12-02 00:36:10 +0000
0 - 0 - 4 dramacool9.co/ 188.114.97.1
2022-11-21 08:35:07 +0000
0 - 0 - 4 dramacool9.co/ 172.67.190.162
2022-09-28 16:32:37 +0000
0 - 0 - 5 dramacool9.co/ 104.21.51.232
2022-09-24 16:23:05 +0000
0 - 0 - 3 dramacool9.co/ 172.67.190.162

No other reports with similar screenshot



JavaScript

Executed Scripts (35)


Executed Evals (29)

#1 JavaScript::Eval (size: 46, repeated: 1) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb

                                        this.context['navigator']['webkitGetGamepads']
                                    

#2 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726

                                        this.context['clearImmediate']
                                    

#3 JavaScript::Eval (size: 31, repeated: 1) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d

                                        this.context['BeforeLoadEvent']
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3

                                        this.context['Entity']
                                    

#5 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101

                                        this.context['Set']
                                    

#6 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e

                                        this.context['ApplicationCacheErrorEvent']
                                    

#7 JavaScript::Eval (size: 45, repeated: 1) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34

                                        this.context['external']['AddSearchProvider']
                                    

#8 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc

                                        this.context['DeviceMotionEvent']
                                    

#9 JavaScript::Eval (size: 28, repeated: 1) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b

                                        this.context['AnalyserNode']
                                    

#10 JavaScript::Eval (size: 41, repeated: 1) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b

                                        this.context['DOMException']['ABORT_ERR']
                                    

#11 JavaScript::Eval (size: 39, repeated: 1) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60

                                        this.context['document']['createTouch']
                                    

#12 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601

                                        this.context['document']['prepend']
                                    

#13 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac

                                        this.context['SiteBoundCredential']
                                    

#14 JavaScript::Eval (size: 9, repeated: 1) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351

                                        debugger;
                                    

#15 JavaScript::Eval (size: 41, repeated: 1) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac

                                        this.context['navigator']['taintEnabled']
                                    

#16 JavaScript::Eval (size: 28, repeated: 1) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6

                                        this.context['Notification']
                                    

#17 JavaScript::Eval (size: 32, repeated: 1) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756

                                        this.context['chrome']['search']
                                    

#18 JavaScript::Eval (size: 43, repeated: 1) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b

                                        this.context['clientInformation']['vendor']
                                    

#19 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081

                                        this.context['ArrayBufferView']
                                    

#20 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777

                                        this.context['TouchEvent']
                                    

#21 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2

                                        this.context['navigator']['appName']
                                    

#22 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f

                                        this.context['CryptoKey']
                                    

#23 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538

                                        this.context['HTMLBaseFontElement']
                                    

#24 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45

                                        this.context['self']['SharedWorker']
                                    

#25 JavaScript::Eval (size: 45, repeated: 1) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508

                                        this.context['CanvasCaptureMediaStreamTrack']
                                    

#26 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577

                                        this.context['close']
                                    

#27 JavaScript::Eval (size: 39, repeated: 1) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd

                                        this.context['EventTarget']['toString']
                                    

#28 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492

                                        this.context['Touch']
                                    

#29 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5

                                        this.context['NaN']
                                    

Executed Writes (3)

#1 JavaScript::Write (size: 859, repeated: 1) - SHA256: 98040956282fd68ca913ae178f06bfb1adccac6b5b650614818d3dfb05365be6

                                        < div class = "bg-ssp-3133"
style = "width:300px!important;height:250px!important;position:relative!important;text-align:left!important;overflow:hidden!important;border: 1px solid #E5E5E5;" > < div style = "display:none" > < img data - cfasync = "false"
src = "//imp9.bidgear.com/rec?t=1&z=3133&uuid=cbf5fae5866e4595a524f557a505080c&p=81&g=NO&token=4a44335432&tbg=1664382746"
rel = "noindex nofollow"
referrerpolicy = "unsafe-url" / > < /div><style> .ind-11 { z-index: 2; position: relative; } .ind-21 { z-index: 1; width: 300px; height: 18px; background-color: #fff; bottom: 0; right: 0; position: absolute; } </style > < div class = "ind-11" > < div class = "ind-21" > < /div> <div id="M551636ScriptRootC1364502"></div > < script src = "https://jsc.adskeeper.com/b/i/bidgear.dramacool9.co.1364502.js"
async > < /script> </div > < style > .bg - ssp - 3133 {
    margin - left: auto;
    margin - right: auto;
} < /style></div >
                                    

#2 JavaScript::Write (size: 858, repeated: 1) - SHA256: 6b18c70d9bbe3ffb6ba762473faf5248bcad3e74c3a67ec2e5de856f5893c9c3

                                        < div class = "bg-ssp-6833"
style = "width:300px!important;height:250px!important;position:relative!important;text-align:left!important;overflow:hidden!important;border: 1px solid #E5E5E5;" > < div style = "display:none" > < img data - cfasync = "false"
src = "//imp9.bidgear.com/rec?t=1&z=6833&uuid=136a1e3c1bd24109b7bc373c5a7e6530&p=78&g=NO&token=4a44335432&tbg=1664382746"
rel = "noindex nofollow"
referrerpolicy = "unsafe-url" / > < /div><style> .ind-12 { z-index: 2; position: relative; } .ind-22 { z-index: 1; width: 300px; height: 18px; background-color: #fff; bottom: 0; right: 0; position: absolute; } </style > < div class = "ind-12" > < div class = "ind-22" > < /div> <div id="M551636ScriptRootC1332671"></div > < script src = "https://jsc.adskeeper.com/b/i/bidgear.dramacool9.co.1332671.js"
async > < /script> </div > < style > .bg - ssp - 6833 {
    margin - left: auto;
    margin - right: auto;
} < /style></div >
                                    

#3 JavaScript::Write (size: 788, repeated: 1) - SHA256: f2ee98268a535deb167ce4e768831801bbfff2ee37f2746d120f7a74fc50836e

                                        < div class = "bg-ssp-5787"
style = "width:160px!important;height:600px!important;position:relative!important;text-align:left!important;overflow:hidden!important;border: 1px solid #E5E5E5;" > < div style = "display:none" > < img data - cfasync = "false"
src = "//imp9.bidgear.com/rec?t=1&z=5787&uuid=2edccc536d6a42cfbcfd0ef36bbc024d&p=78&g=NO&token=4a44335432&tbg=1664382746"
rel = "noindex nofollow"
referrerpolicy = "unsafe-url" / > < /div><style> .ind-13 { z-index: 2; position: relative; } .ind-23 { z-index: 1; width: 90px; height: 18px; background-color: #fff; bottom: 0; right: 0; position: absolute; } </style > < div class = "ind-13" > < div class = "ind-23" > < /div> <div id="M551636ScriptRootC1329573"></div > < script src = "https://jsc.adskeeper.com/b/i/bidgear.dramacool9.co.1329573.js"
async > < /script> </div > < /div>
                                    


HTTP Transactions (109)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: dramacool9.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.190.162
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 28 Sep 2022 16:32:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 17:32:25 GMT
Location: https://dramacool9.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBHCM9oPUBduKHR1QcF%2BkaGOehBBI34vMkhbVru3gqehOr3UlFKFf2UHo6C794pK0S7VB9XqhkT0S5kUqcmJnen9hQ9y4TmyveVfTD08QzEdM44mQgnUtkSxXGEnpoS1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751de0014bd7b4fa-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 15:54:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UJhrtxvPn9wmv226irb0fPaQzbFLSZ8FklR4DHcHCP1guBURTG8Djw==
Age: 2254


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13512
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 16:32:26 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TPTmY9DtRlaYufY00cuEv7m3aeXkaQIt52yN9c3JVEUJhUmwyQMO4Q==
age: 39840
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: dramacool9.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.190.162
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
location: http://www.dramacool9.co/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83VAioikZDevu36IApLFuf%2BIY56ncdvrAV98I6aDf9K7xtfoSXXc23Kzchd4k0lXGJ1cJ6PNl8g4KaJRtk8%2FEOS9GAgK%2BlTSCk7u22a%2Brenztc5raQXx8M17udp9bGJq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de002eb81b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:26 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 16:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 17:25:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: boiOsmP2F81Fc6oZ9E95RTzLxS4ATyG4Rew6OVEyq_JkF6RF3qamwA==
Age: 173


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4596
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:26 GMT
Last-Modified: Wed, 28 Sep 2022 15:15:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3753
expires: Mon, 18 Sep 2023 16:32:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B5Ra19BUBrD3JA%2BAeVowAUzLlz9agBl6MfMUfNlbkmeSWJQmtPixcvxedcOb%2FhP%2FMsFlS3wJgVSF3WlhlGi0ZfxkYIWy%2BY5XU5pp390%2F6N%2Ba14qJotl%2Fj6J5zOFCB9o7JROxNnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751de006fb45b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309)
Size:   1120
Md5:    edf1dd25b1ab3d24fbf2444b4061838c
Sha1:   e59cb30ed49d56313ee1f770f6784f5faaa1199f
Sha256: c31915d8a610a15ca29180348abb37bdaff9d8bde76f13c0e78bc841e633c06e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4596
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:26 GMT
Last-Modified: Wed, 28 Sep 2022 15:15:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8509E30A8E2540A57AD250887C514112648E06DA9806CEC40734E338C9005266"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7517
Expires: Wed, 28 Sep 2022 18:37:43 GMT
Date: Wed, 28 Sep 2022 16:32:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2466
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:26 GMT
Last-Modified: Wed, 28 Sep 2022 15:51:20 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtag/js?id=UA-131447009-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 16:32:26 GMT
expires: Wed, 28 Sep 2022 16:32:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 16:03:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42337
Md5:    8af794efc36a439a856480e1ece73afd
Sha1:   964b4a16e65b6d896d40b744dd175664d16c80a2
Sha256: eac63b4b8f9bb6ceb4f5fa49ec118b975b8f12cd8efd7a50af78317bd50a3223
                                        
                                            GET /1clkn/16782 HTTP/1.1 
Host: rhombicsomeday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.16
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 16:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 29-Sep-2022 16:32:26 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 29-Sep-2022 16:32:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "47B66B7984C8B993C5ADE91310D8E37692237A56EF16D396A8EEDE67D85F9F70"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12899
Expires: Wed, 28 Sep 2022 20:07:25 GMT
Date: Wed, 28 Sep 2022 16:32:26 GMT
Connection: keep-alive

                                        
                                            GET /static/adManager.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Wed, 28 Sep 2022 16:37:26 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1250), with no line terminators
Size:   615
Md5:    c8b99d4f5dc6ae49e8f5ce37cbb4763c
Sha1:   2c2902e8c4c4771e83273ed0adc73a1e734b8303
Sha256: 5633d5692593688e684ad11bac5e2d21d8a2764127632144cd6b8f4a38ef34a2
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8kUWLLrxkMuRV+iy3hxdtw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.98.34
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sHRCIVnGDJifQlPEL5NA5AH8QV0=

                                        
                                            GET /rec?t=1&z=3133&uuid=cbf5fae5866e4595a524f557a505080c&p=81&g=NO&token=4a44335432&tbg=1664382746 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4QXelQJg2VK%2BeT9Ha7vfqC%2FHlb4a2%2Blz1J%2BtQmfvaplxZJoSB0Y2PXX7WZ9%2FkJdMvot4djodYYrJSPnQ2mhvky6tF9CfgPASS%2FE7L56V45ut90PDZ3qVlo4hlkIienBlaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de007efedb4f9-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihb9YopqjIgbxQXiEdvc%2BaN%2B7PvLki2z7Ue1W%2FMzH2voQMc%2B4oDnJ3BgirtOKNpX29MSchbew%2BTRiHfWEDifD4gz2LShW9luzOvaMu6Xxfz1zmq1vcHjFGeHZWDi%2BRQgvzrqeyOY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de006dec0b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (888), with no line terminators
Size:   986
Md5:    c19fa02d2824f2175b9867376a1c7788
Sha1:   a389e8c005ebe30c55fb424740790abcdcc6dfa5
Sha256: 80f619a8a5a4019ad272830fcdf446086d81587cbf65ff0d42bb5acb2b1bc922
                                        
                                            GET /rec?t=1&z=6833&uuid=136a1e3c1bd24109b7bc373c5a7e6530&p=78&g=NO&token=4a44335432&tbg=1664382746 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBA9Pv1YJ09M5Cs73TWDYTReeOVs5BGeKngnu8%2FXZPormmP5zeQgNJUW4iqZTpDZutyGukE6zDjK2W2WpnHdeyXKc34HVfuNBZw481rUxlfop%2F6ROHKP2YR18kd2WppAgBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de00989e9b4f9-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BFE36D1D5B5E033D20F3C6E5C5A5CD999F25B5F954113BBA8EC8825FA331E8F"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3378
Expires: Wed, 28 Sep 2022 17:28:45 GMT
Date: Wed, 28 Sep 2022 16:32:27 GMT
Connection: keep-alive

                                        
                                            GET /rec?t=1&z=5787&uuid=2edccc536d6a42cfbcfd0ef36bbc024d&p=78&g=NO&token=4a44335432&tbg=1664382746 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E41uk1gwgyP2CC%2FEl9eATUYHT6UQUTloVvD9DrsUnDpkVYVlV8QCe%2FXvw07FtU69eG5RSf5dkGlLCszK0fH7sNxl95WLl3zuyE6FS%2F%2FIls6IxsK6IILl%2FeEfR0NhFH3EbGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de0099a14b4f9-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            GET /ads.php?domainid=2175&sizeid=2&zoneid=3133 HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPAKXG1Q4%2Bq1xqH9lQ2weglidP9eg%2FB6f220J2M%2FXJlnHFRgICG2ZJnCgKxfgQ7JhuvcYVaUd5%2Fi621LCb%2FFUZ4qccy%2FGZAeAp6Tru40szKtLoGPCFxU2Lb3wEaLnMtmzqW75Rzf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de006deb9b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (889), with no line terminators
Size:   12506
Md5:    7a58e6536768c57425bd609796efa94f
Sha1:   a2d9638876b01fcb47b632f54bd92c74b4d795fc
Sha256: eef4c6bf57e8a859a8f4058c30453a0137d8fcd12558cb05f6d83981c36d02d6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4829
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:27 GMT
Last-Modified: Wed, 28 Sep 2022 15:11:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4829
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:27 GMT
Last-Modified: Wed, 28 Sep 2022 15:11:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2140
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:27 GMT
Last-Modified: Wed, 28 Sep 2022 15:56:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /b/i/bidgear.dramacool9.co.1329573.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.4.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 914
x-amz-id-2: W3FOiZ97EzudGJbp2XD0oyNWXX4VnFc2ZwsuVHU58fkaAp1NbCo+AxfAtKIs/a1dDM0axgb7dvU=
x-amz-request-id: 6CF04NDFNQFQ84PH
last-modified: Fri, 24 Jun 2022 15:23:06 GMT
etag: "d5ab2135a77d913058f3259022db6e03"
content-encoding: gzip
x-amz-version-id: TEtDV_qmGna89BsWeE04RFszhRJV4XCN
cf-cache-status: HIT
age: 5908
expires: Wed, 28 Sep 2022 20:32:27 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de00c4f4fb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2350)
Size:   914
Md5:    d5ab2135a77d913058f3259022db6e03
Sha1:   0047f3c2357656964cdcc40fcf02170fd66f399e
Sha256: a369b32d63b33ffe5b3c2f1eb8772b8e2eb8a78b29d8779c21a1869a1c11affe
                                        
                                            GET /b/i/bidgear.dramacool9.co.1364502.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.4.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 913
x-amz-id-2: 77adqSBim5oWo2vR6+a9ddeYVNeEFITkLUkGSHnuUAoxtsQLUQdBplSKqXLPTmYvFhWhG3+0JWY=
x-amz-request-id: YFSTX6SS75KRM19Q
last-modified: Wed, 21 Sep 2022 19:28:36 GMT
etag: "a8a3feb1832300a0cf92f938dd7cd3da"
content-encoding: gzip
x-amz-version-id: I0fCd9cXY7XJ4yhaSu8kU.2fcK1kotQ.
cf-cache-status: HIT
age: 4898
expires: Wed, 28 Sep 2022 20:32:27 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de00c5f6cb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2350)
Size:   913
Md5:    a8a3feb1832300a0cf92f938dd7cd3da
Sha1:   fa0cf96681b372358412efdc39e0ff8be59fa96c
Sha256: 59981ea78afacfacdee093fae69a23c7e7a274a8dfde45332018bcd8763ce293
                                        
                                            GET /b/i/bidgear.dramacool9.co.1332671.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.4.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 913
x-amz-id-2: b2PjQRYZhOm2JUXSTW2DEvNamPQqNiM0FGjeiS1gEZWb8ZYJHMQG3EJFIackKtpfk2D38ODNCNpPLZd8k/2HBQ==
x-amz-request-id: 02648CTXNZYPW0MR
last-modified: Wed, 24 Aug 2022 10:28:37 GMT
etag: "e9b76b5544d05c107269640692311375"
content-encoding: gzip
x-amz-version-id: a5W0cvH5zo5anLHMKThCQjjWo70.OEyi
cf-cache-status: HIT
age: 5908
expires: Wed, 28 Sep 2022 20:32:27 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de00c5f6fb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2350)
Size:   913
Md5:    e9b76b5544d05c107269640692311375
Sha1:   60f21b9ff62963fb30f7c846190b9233558a4fc9
Sha256: dad9937760c263ef39ca4e2552a8af973d7de715d6e460f7b958ec6f2d673d04
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 14:41:09 GMT
expires: Wed, 28 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 6678
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4829
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:27 GMT
Last-Modified: Wed, 28 Sep 2022 15:11:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /tag/js/gpt.js HTTP/1.1 
Host: securepubads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript
                                        
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27722
date: Wed, 28 Sep 2022 16:32:27 GMT
expires: Wed, 28 Sep 2022 16:32:27 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1347 / 520 of 1000 / last-modified: 1664363254"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45165)
Size:   27722
Md5:    8da3ae2b65b7cf87403d7c61ef9cfd3f
Sha1:   6cefcf9ca6305883477f3261b1fc837d0b712edc
Sha256: 971b1b8d60d082347cc0ffa651dab6f04fb7aaf7673addae26b449a10a23f915
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "92721C7AB4EEB285CF22743E7CD3A70BED636F866146C230A154BE78C556DC3B"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1483
Expires: Wed, 28 Sep 2022 16:57:10 GMT
Date: Wed, 28 Sep 2022 16:32:27 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:27 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 15:02:18 GMT
Expires: Mon, 03 Oct 2022 15:02:17 GMT
Etag: "02745fc47df86f86aeb0f8c25bbd67cff0bdbab7"
Cache-Control: max-age=425989,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751de00ceaceb51e-OSL

                                        
                                            GET /42/38?z=5305455 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: scm=1; OAID=0e891b7d69ed44be9861ce0b3cee0a0b; oaidts=1664382747
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7ac8e90e5d564ef9310a1055eacaeb33
access-control-expose-headers: X-Sc
set-cookie: OAID=0e891b7d69ed44be9861ce0b3cee0a0b; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None oaidts=1664382747; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:27 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 16:30:35 GMT
Expires: Wed, 05 Oct 2022 16:30:34 GMT
Etag: "edd03fdb888f93ea24fef13ce2615cd68c1e6ce7"
Cache-Control: max-age=604086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751de00c2f39b524-OSL

                                        
                                            GET /1?z=5305455 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:27 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 241b6045df452c8a54ea827a2a5647b9
access-control-expose-headers: X-Sc
x-sc: nXxhljLkzlTAlQ_SxGWYZ39bV2d7HGcUWV-O5XU074Y0cBOsZ_bE1eJtQZQ6gxSSWMMIJMCeA9TCrcwr8hof-0cI10o=
set-cookie: scm=1; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None OAID=0e891b7d69ed44be9861ce0b3cee0a0b; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None oaidts=1664382747; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   135272
Md5:    d38b6572f2f7cd58a7ae104b29768c2f
Sha1:   adc684401fc6980178a6b97fadcaee5a00801785
Sha256: a15c774f59a64f66655f44ca083b886ad62be06bcf346e7aa972022946989c4a
                                        
                                            GET /apu.php?zoneid=5290228 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:27 GMT
x-trace-id: 9d90de7a648cca2e5501bbfc5f0c95fc
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6114ea5387af46238db9380443348743; expires=Thu, 28 Sep 2023 16:32:27 GMT; path=/; secure; SameSite=None oaidts=1664382747; expires=Thu, 28 Sep 2023 16:32:27 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29339
Md5:    636e35d96c7b6c561ff4ba9ea32f6ed8
Sha1:   8759cc94a353c5f631cbf3cbf2e4d0c2b51f24a7
Sha256: 0e3b148bf901d5d4b9b1b558f73b0c7d48354754f9ddbd39a08bc6f690dad3dc
                                        
                                            GET /gid.js?userId=6114ea5387af46238db9380443348743 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:27 GMT
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6114ea5387af46238db9380443348743; expires=Thu, 28 Sep 2023 16:32:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    61c453fab481c29fc271bed8749a4fb4
Sha1:   7d2f881f80609d87dc19baf1234834e5491cb3e1
Sha256: 62febf3da22e7a847d40775644ad46674f7dd353579788d41cdf26613d7b8798
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.dramacool9.co
Content-Length: 1513
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Wed, 28 Sep 2022 16:32:47 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2972
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:28 GMT
Last-Modified: Wed, 28 Sep 2022 15:42:56 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /images/adskeeper_svg.svg HTTP/1.1 
Host: cdn.adskeeper.co.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.26.174
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
x-amz-id-2: 9+wK7//B9wiKymVhwJBS49yIWsknA1BYnHtl2rpiLd1F4bVgMRR1xL0U37+qHDuhswdKTk5XkFw=
x-amz-request-id: P23ZACW8NK08CPPP
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 2700
expires: Wed, 28 Sep 2022 20:32:28 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de010ba88b4f1-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1282
Md5:    9284e44a6e3b94e764ae5ecca02eace8
Sha1:   f83fedadde2bcf7111c5ef82b3e25428895a7997
Sha256: a0326aa06bb1c1ff028811908c571062c07447dd62a69d636740d0754577fb6b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   1349
Md5:    972c6858a5dd7c4cabe9b85506f7919b
Sha1:   09fca2f04376f8ed9ffc56eba8889dd1ba4d399b
Sha256: 7a27def8c4ff19d5662564a864e5017214dd250213ea5175f6c3513df1f670dd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 67685
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   14585
Md5:    7f0ba7d1c37f960f55945586f239cd31
Sha1:   de444a45b3d9ea57ac75e61e55e2de8656348f5f
Sha256: 954a076c0be76cbed75997fc8c9cfdd4ac0ba50506511329246e82833581488b
                                        
                                            GET /t.php?sc_project=11857087&u1=F3F6621E481D4FC96A8BB60A8D8978F3&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=2217&sc_rum_e_e=2221&sc_rum_f_s=0&sc_rum_f_e=2206&get_config=true HTTP/1.1 
Host: c.statcounter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.20.229.67
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc11857087.1664382748.0; SameSite=None; Secure; Expires=Tuesday, 28-Sep-2027 00:32:28 CST; Path=/; Domain=.statcounter.com is_visitor_unique=1664382748172383506; SameSite=None; Secure; Expires=Saturday, 28-Sep-2024 00:32:28 CST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751de00f2dc6b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   14614
Md5:    f83b63ed45d0f14bb7e420cdc4f50a03
Sha1:   3383e5f3372700e20386171d7c6bc70a770d32e0
Sha256: d24642496bdb50adf6d99f1f01131a0e3a301eee1c54d12589a0c6e11a575696
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 67525
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /g/10881049/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF80ODIseV80NDgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzViZjEyZGRhNjI3ZjI1ZTY0Mzc0NTc3NGVkMGM1MWZmLmpwZw.webp?v=1664382748-cXUaRGF13menOgh1PynBiUQVoLUng8v1a7UoFQQuHxY HTTP/1.1 
Host: s-img.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.5.42
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 25586
x-mg-request-uuid: e09c80bb-a1b2-4231-86a8-750f1c5a4206
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 15:56:22 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 866920
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de0117c19b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   25586
Md5:    72f28a87a22b6d8e8c9632cc0f877572
Sha1:   409c2228be40f5f77b657f114209dab2c8d5f602
Sha256: 1a56eeeb171647b9104713e58552e0e1e7dc23f7ccd626e5b9747b00a67a503a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 67781
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /g/13785600/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS8wNDIxYmJlYzc2NDk4Zjk0OGJlNzVmMjhkMGFkM2Y5OC5qcGc.webp?v=1664382748-Lv1_brEIAJcd5mC4ZC-mW4c2x2joUvuNGcX1XS-0M1U HTTP/1.1 
Host: s-img.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.5.42
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 17450
x-mg-request-uuid: 6275f015-00a8-43b4-9cf7-1fc45d21503a
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:55:49 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 869488
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de0117c15b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   17450
Md5:    a2d0166594a243128e280592e2f649f7
Sha1:   2039a6dd017bc4fc04bca20b623510d44b2a8028
Sha256: 56d38c169f1683dd98f2dfc224703e54bd43114cda13c0fd7a4e7658e7bd995d
                                        
                                            GET /ads.php?domainid=2175&sizeid=3&zoneid=5787 HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.2.107
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17dlEvNY137dKE4y4iMwp5xe5HE8RCbLOCeUQS7vRDFDoNZHMlFTQp%2B6Nes8VcLnVOGm4Ze8LAOjYkJ9EyBH75IwrOi9eHcOwOVibxgnkul6QahGqhStjaze04XThCEBhN2vbDet"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751de006debdb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (818), with no line terminators
Size:   952
Md5:    bfa0a1b00b8f1d23e477738652505b19
Sha1:   3cdcbe4c1db83bcdd4eb3835497419be64dd41f3
Sha256: f72f7122dcecdb7da1017a0fae7fafceed226a2f3d5635c1c2aaa3935af6d099
                                        
                                            GET /g/12578182/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTIseV80MDEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2YyNmQxY2I4YjhlNDk0MjExZDhmZmFkMmU1ZTM0ZDNkLmpwZWc.webp?v=1664382748-LVwJ7yeRdv8YYDyIE7q9nI8rBpjywwVYoyds9LDjsgE HTTP/1.1 
Host: s-img.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.5.42
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 22044
x-mg-request-uuid: 448ed043-0c04-4110-a49f-8f2dd08f14d2
access-control-allow-origin: *
last-modified: Tue, 29 Mar 2022 06:54:30 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 867517
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de0117c13b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   22044
Md5:    d4efba6a970e494980315568d48ba1d3
Sha1:   2f15c89e513af8434117bfa5f1ccce7a6576bc35
Sha256: 70404e1ef36bed8361ccfbbe69fa00a7b25e9a53c0e88b41c31ac2d7c1cca7fa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2842
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:28 GMT
Last-Modified: Wed, 28 Sep 2022 15:45:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2867
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 16:32:28 GMT
Last-Modified: Wed, 28 Sep 2022 15:44:41 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 67678
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /g/3860766/492x328/0x13x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp?v=1664382748-EdiZvTmx5F0VqSp-jw-EOGynQB7dTgn_ftXdWYRDnic HTTP/1.1 
Host: s-img.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.5.42
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 13676
x-mg-request-uuid: 4efe8512-cf23-4965-8465-ec2cdb4f1432
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 18:24:46 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 1396
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de0117c11b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   13676
Md5:    840b85af38f94dbed63fac4d4298c6a1
Sha1:   0273b198023783804b395cc5ce4227d019738bec
Sha256: 5e13dc963b711f028a50e278586be43241bf6f43280fb1d1f0c097f3d373a4a1
                                        
                                            GET /g/3805661/492x328/0x0x695x463/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9kZDA0YWYzZjNlNDc1YTk5OTM3MjRlYjhkOTYyZWRiYi5qcGVn.webp?v=1664382748-cDMeoNtlIW8ARmThj4D3xQa2Q-zQdsDAfs-Uk_MjjiE HTTP/1.1 
Host: s-img.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.5.42
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 45620
x-mg-request-uuid: 7181beeb-989a-45fb-8e81-a9acee9aa49d
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 18:53:35 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 867367
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de0117c17b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   45620
Md5:    6917f4a4a29412d8ab3bcfe7f56130ea
Sha1:   d053b7f910290e8ef5ec622bf07a1a9cf3ac990f
Sha256: f7cf78d485bd63bf041aa7f40c4417f0aa36ed41f3b3375804b4b5dde6ae1092
                                        
                                            GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 73257
cache-control: max-age=36393
expires: Thu, 29 Sep 2022 02:39:01 GMT
date: Wed, 28 Sep 2022 16:32:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   73257
Md5:    06cd2eddf805cce44a8cb5178e00d7de
Sha1:   4450e085f121f57255512d5f7c8d4bcffbf77bc5
Sha256: 8c41037c0b242f0fe65640486379d7f6cd91c55f8edd998ea285d8f994ec48f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 32449
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    ea3890e460356d6ecc3ba4e405ac2e9e
Sha1:   b383135e2ebc23fe80eb0d594b198cb8c89327a5
Sha256: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
                                        
                                            OPTIONS /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=6114ea5387af46238db9380443348743 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:28 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=6114ea5387af46238db9380443348743 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 237
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: scm=1; OAID=0e891b7d69ed44be9861ce0b3cee0a0b; oaidts=1664382747
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 08ba77e67fcf25be19b70d40e844bf2f
access-control-expose-headers: X-Sc
set-cookie: OAID=6114ea5387af46238db9380443348743; expires=Thu, 28 Sep 2023 16:32:28 GMT; secure; SameSite=None oaidts=1664382747; expires=Thu, 28 Sep 2023 16:32:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
                                        
                                            OPTIONS /fp?tag_id=20140 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.90.84.244
HTTP/1.1 204 No Content
                                        
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.dramacool9.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

                                        
                                            OPTIONS /500/5287605?excludes=&oaid=6114ea5387af46238db9380443348743&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /tags?tag_id=20140&timezone_olson=UTC&version_name=b HTTP/1.1 
Host: notification.tubecup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.236.216
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 6699
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6699), with no line terminators
Size:   6699
Md5:    bf4a0994869c7ddf1e55bafa5ef16a79
Sha1:   471c1d3889b7a8a4831756b788ba6c40eabc6291
Sha256: 67135a98e0832917a1a72ce6ba9d5088fbce859690bfb9ea8a96464c9b1fad10
                                        
                                            POST /fp?tag_id=20140 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22267
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.90.84.244
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 16:32:28 GMT
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
Set-Cookie: id=6530934031899181792; Expires=Thu, 28 Sep 2023 16:32:28 GMT; Secure; SameSite=None
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   28
Md5:    d8ded99ae3089c609f0f3dfd190a3299
Sha1:   aa378c43d5b8dc4887db4f93f86a319f75731b6f
Sha256: f5526ab1e5df71c978b3db3ada96990b256be308611834bea29d342b88338000
                                        
                                            GET /500/5287605?excludes=&oaid=6114ea5387af46238db9380443348743&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=c0a6ece1bb1b419d8c16b7f9362d6ebe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:28 GMT
x-trace-id: a57d62bd4c73ac17208b080355595b69
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=6114ea5387af46238db9380443348743; expires=Thu, 28 Sep 2023 16:32:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   97822
Md5:    ec7d8057cd7e5fbfb4921710b1751d48
Sha1:   bb38fdc1d82ffb68ed8c277ceb61e7abaa0b2bf9
Sha256: 732ba7ed1b421b960dc432b843eff1576c60a38908d84721b141a3651b7ef248

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "97B1C014241FDC0F9F5A6356F9E0DFFEFD94ED62B8D63F22DDAB2F8FD2ED03F7"
Last-Modified: Tue, 27 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Wed, 28 Sep 2022 17:08:47 GMT
Date: Wed, 28 Sep 2022 16:32:28 GMT
Connection: keep-alive

                                        
                                            GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjU3MTQyODU0OTA1NDk2NDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEwLjAiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuNzQsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIn0= HTTP/1.1 
Host: 192d42a802.20e2b2c425.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Wed, 28 Sep 2022 16:32:28 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F1A6E7C8629FC7B8A10BA968B56D3863FE2BF162EE14FF5054080D417C3FECF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Wed, 28 Sep 2022 20:19:02 GMT
Date: Wed, 28 Sep 2022 16:32:29 GMT
Connection: keep-alive

                                        
                                            GET /pagead/gen_204?id=pp_iris_failure&pvsid=1287167071226422&fnc=21673142571&vrg=2022092201&nw_id=21673142571&nslots=1&eid=31068929&pub_url=https%3A%2F%2Fwww.dramacool9.co%2F HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 204 No Content
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 16:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-131447009-1&cid=561511950.1664382745&jid=2123442435&gjid=1728078329&_gid=2056514456.1664382745&_u=YEBAAUAAAAAAAC~&z=1637355707 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.165.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.dramacool9.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 16:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F3F3A4D7E385F7D5D9B833BC48807AD7DB8A9D70DA689B460503BA173E577F2"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Wed, 28 Sep 2022 17:36:07 GMT
Date: Wed, 28 Sep 2022 16:32:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F3F3A4D7E385F7D5D9B833BC48807AD7DB8A9D70DA689B460503BA173E577F2"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Wed, 28 Sep 2022 17:36:07 GMT
Date: Wed, 28 Sep 2022 16:32:29 GMT
Connection: keep-alive

                                        
                                            GET /lb/v1 HTTP/1.1 
Host: lb.eu-1-id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         141.95.98.66
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:28 GMT


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   33
Md5:    45095a7e707767f991f10d5df6e6cad3
Sha1:   307df59bc332a8993a8dd81d1b85a1f7aec2b3d6
Sha256: ff80d4574460d80d6ccc744f527ab85bcccd35e63b7e7885c0502792663b99f1
                                        
                                            GET /lb/v1 HTTP/1.1 
Host: lb.eu-1-id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         141.95.98.66
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:28 GMT


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   33
Md5:    326b9b76635da443f15f51054c4d9138
Sha1:   222b8a5675f934b5c90ac4bba5db15dd4d97438c
Sha256: aa37511900b445fc6133840ea28eaa36f75a1ef57d4e58ef545546ffa4bad90f
                                        
                                            GET /lb/v1 HTTP/1.1 
Host: lb.eu-1-id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         141.95.98.66
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:28 GMT


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   33
Md5:    c87a8523732d04d3b8c11f28539c8fb8
Sha1:   1fcbf56db9455e29571b674db4fb7de8f10601d5
Sha256: 011ad656a6c4613d026a42dcb1e709fc57228295cebcdebdaad55235d6246f9c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "195135066025E34EB86EBFDB626743667181419395BACBF4D44F124CC775A7C3"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Wed, 28 Sep 2022 17:30:02 GMT
Date: Wed, 28 Sep 2022 16:32:29 GMT
Connection: keep-alive

                                        
                                            POST /g/v2/231.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 309
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.82
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    5dd0d7b51f3cc520c819347a4ee2a9a6
Sha1:   f3080c20cb2032a873bd8cc77dfc94d30ef72a31
Sha256: f2f0ce7dc5db3b583239b31386e93f396f344abd3026ee1a9c939915404311b5
                                        
                                            GET /impression/iHt_u0z13w0Xh4svDSuTdMnvZLhj1hN-N7aZzWUfaLZYHYmAdgJeqZvxU62woUKBgY6FiEjH9ORjm9HfKB4hJIX-GEXyeECWAqE2TE-BdYD_bwCJC4uy8FJAvuQBph2rs4MqavhgFMfR-sMXZejdNrTgMNzHZfqySWYiFGrEpfH8emAT_Pftcki3UmlDKmmvz5IancyE5yKHAkzLy8Tf-23T6x021iqfWqU2suWNakSrDCqFor9U5cznnrwuFNFDMoTkmmlw8wid7VSLc-fuUyyVtVITTAN0bUy_r_X_4y88j-YUorCnnMR0ICxgDSTmWiNfk35QRtJMMJxxBXDbZxO5dyOCWfjRAfOvn51vTuOwkpROaGDeh44vqdtzo6CH3A1ayeGzj2X2ALhHv7oqdwQyOJ7RYraPwT8fbuAuhM53-vU6ImVu6pDHTZHgnshaDwuK3yvh8b4XRMZA8bpXWBSLTGxrKEXWgBVQeeYNhHYbqWHYuo_XzoWO2wn6sxqgpPRjmazC5UOfjdieW0JWgUPOvJWfaAdfdeNDUk7AVIHCYd-zHJ5F5Fx6MVDx4sGKFN2OoKTjOnIAGIF5Hql7v9F8iICsv3aQgp0Tqg==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=6114ea5387af46238db9380443348743
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:29 GMT
content-length: 43
x-trace-id: 7a3bf4044357d41ebeacf68e33a6e7be
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 16:32:29 GMT
date: Wed, 28 Sep 2022 16:32:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16620
Md5:    49dcb3f23a58f998f11d8c2ca1b90a68
Sha1:   0aee92fad52d2f03484a134901a90260af43e913
Sha256: 92223ea8fd1122967d4b3adaec6c401be4ab899e973ed13fb3fb90520cdefcfa
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 593901
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 16:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D01727520812C38EC361173E7B2790DBC572BDF378CDC12BC11CAEE749DC6541"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9862
Expires: Wed, 28 Sep 2022 19:16:54 GMT
Date: Wed, 28 Sep 2022 16:32:32 GMT
Connection: keep-alive

                                        
                                            GET /health/ HTTP/1.1 
Host: eced49d8e5.20e2b2c425.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.55.139.130
HTTP/2 200 OK
                                        
server: nginx/1.16.0
date: Wed, 28 Sep 2022 16:32:32 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            POST /g/v2/231.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 309
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.82
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    4f5f56e0a6788452262b6cf5a906f040
Sha1:   4c13acf010aabbbebf5cb056922bb1f219d61d3b
Sha256: c787bcae37d6575a80c498b4b493ea71ae7f01867c5deb0a1bb96c9b8a1fb558
                                        
                                            POST /g/v2/231.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 309
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.82
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
transfer-encoding: chunked
date: Wed, 28 Sep 2022 16:32:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    b74844e65c2b611869e876e75b63d440
Sha1:   6e8e1acc2486f71cda02be69b0ecc10df7a607cd
Sha256: 74fea023b9bb73406df3ffcb1b8981e17deeed4044c00136996583d5975bd108
                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjY0MzgyNzQ5ODQ1fX0= HTTP/1.1 
Host: eced49d8e5.20e2b2c425.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         162.55.139.130
HTTP/2 302 Found
                                        
server: nginx/1.16.0
date: Wed, 28 Sep 2022 16:32:32 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=323433926&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-9&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=90&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D90&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E3DB2C78C49E6F71AC4652CFBE92D9145732EFCFC5DAB5D1C48851D0E2BE766"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9341
Expires: Wed, 28 Sep 2022 19:08:13 GMT
Date: Wed, 28 Sep 2022 16:32:32 GMT
Connection: keep-alive

                                        
                                            GET /banner/in/show/?mid=323433926&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-9&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=90&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D90&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 16:32:32 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=90
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EE743BE82DBADE36026C3431DCEC8FCDE599055A763F6EEDA49666DA883AF57"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7541
Expires: Wed, 28 Sep 2022 18:38:13 GMT
Date: Wed, 28 Sep 2022 16:32:32 GMT
Connection: keep-alive

                                        
                                            GET /in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=90 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.163.112
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Wed, 28 Sep 2022 16:32:32 GMT
content-length: 0
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Thu, 29 Sep 2022 16:32:32 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EE8FD7481E41DFF1E09B7D299BEE60B3FCEE2D5A3447476B0B25D8539BD81E08"
Last-Modified: Tue, 27 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2679
Expires: Wed, 28 Sep 2022 17:17:11 GMT
Date: Wed, 28 Sep 2022 16:32:32 GMT
Connection: keep-alive

                                        
                                            GET /1x1.png HTTP/1.1 
Host: cdn.1vag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 16:32:32 GMT
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Wed, 28 Sep 2022 17:32:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    91e42db1c66c0b276abf6234dc50b2eb
Sha1:   c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
Sha256: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
                                        
                                            GET /static/adManager.m.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 16:32:26 GMT
server: nginx/1.18.0
last-modified: Wed, 28 Sep 2022 15:58:25 GMT
etag: W/"63346f21-15ab5"
content-encoding: gzip
expires: Wed, 28 Sep 2022 16:37:26 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /banner-admanager/build.m.js HTTP/1.1 
Host: js.cabnnr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 16:32:29 GMT
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 14:00:41 GMT
etag: W/"63208d09-b395"
content-encoding: gzip
expires: Wed, 28 Sep 2022 16:37:29 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /counter/counter.js HTTP/1.1 
Host: www.statcounter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.20.229.67
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 09:41:24 GMT
etag: W/"632d7f44-aa70"
expires: Wed, 28 Sep 2022 22:45:30 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 20817
server: cloudflare
cf-ray: 751de00e7cc7b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?rb=si-8CRDppT46QHfn9Kj5pOGaHVmH7QNiulG97AOE2F1FuM7aA1xbFxOfuunFA4lobHRkc1WLmBmbmnyMnN-gKmUr3P8UW1pDPz-6jI1hyUyk0x49R8iTJct1rFPOp28w_3Rk5fFopFnTL2z3ikq1ISiyaQ03N811B9bvVDtjHsmnGcheq7FUCR3D4abreH_3TrNApbwpNZrX4XkTsn6UlYs6uMmywYwY&request_ab2=0&zoneid=5290228&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=7ba0643c-a660-4fe7-a20f-807d3ec459a7&userId=6114ea5387af46238db9380443348743&m=link HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Cookie: OAID=6114ea5387af46238db9380443348743; oaidts=1664382747
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:28 GMT
x-trace-id: 55cd64f00d88760816dd9c1e95c69cf3
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6114ea5387af46238db9380443348743; expires=Thu, 28 Sep 2023 16:32:28 GMT; path=/; secure; SameSite=None oaidts=1664382748; expires=Thu, 28 Sep 2023 16:32:28 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Wed, 05 Oct 2022 16:32:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 16:32:27 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2528
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S79gGnMY7uUX5t%2FQOTvxXERZqYlKKEQ3xC11FGyN8XLrdkw7GJAZy9dQIpDShV0vg3KYAtXZQgBEmXVSGbH9ak6pOXDcw7AGzGXD9u4hpw%2F8h%2BXwcuPwqVo8AqUPfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751de00c7c6b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /401/5287605 HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 16:32:27 GMT
x-trace-id: 1d8b1fb4ec74336c9ab29510559c1fce
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c0a6ece1bb1b419d8c16b7f9362d6ebe; expires=Thu, 28 Sep 2023 16:32:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed