Report - www.dramacool9.pw/operation-red-sea/

Report Overview

Submitted URL
www.dramacool9.pw/operation-red-sea/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-09 05:13:48
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
onvictinitor.com	unknown	2019-11-21	2019-12-09	2023-06-08	380 B	32 kB	139.45.197.238
platform.bidgear.com	30367	2011-08-30	2016-07-27	2023-06-08	1.8 kB	5.1 kB	172.67.74.36
ww1.dramacool9.ac	unknown	2023-04-05	2023-05-20	2023-05-26	492 B	36 kB	188.114.97.1
corpulentoverdoselucius.com	unknown	2022-07-14	2022-07-14	2023-06-08	450 B	514 B	192.243.61.225
cdn.pubfuture-ad.com	unknown	2022-09-30	2022-11-16	2023-06-08	977 B	9.5 kB	104.26.0.97
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-08	461 B	4.4 kB	104.17.25.14
imp9.bidgear.com	34078	2011-08-30	2021-03-15	2023-06-08	1.5 kB	3.4 kB	172.67.74.36
ip2geo.pubfuture-ad.com	unknown	2022-09-30	2023-03-27	2023-06-08	439 B	1.2 kB	172.67.70.21
vooodkabelochkaa.com	unknown	2022-08-17	2022-09-02	2023-06-08	832 B	13 kB	188.114.96.1
ardslediana.com	unknown	2022-08-02	2022-08-02	2023-06-09	1.7 kB	143 kB	139.45.197.236
ad.a-ads.com	26970	2012-07-07	2013-04-19	2023-06-08	526 B	13 kB	78.46.33.196
static.a-ads.com	34827	2012-07-07	2013-06-01	2023-06-08	472 B	622 kB	78.46.33.196
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-06-08	469 B	746 B	139.45.195.8
www.dramacool9.ac	unknown	2023-04-05	2023-04-06	2023-05-17	408 B	673 B	188.114.97.1
ww2.dramacool9.ac	unknown	2023-04-05	2023-06-01	2023-06-08	8.4 kB	321 kB	188.114.97.1
www.dramacool9.pw	unknown	2022-03-04	2023-03-31	2023-05-17	492 B	1.9 kB	188.114.96.1
rq.boyishabow.com	unknown	2023-05-01	2023-05-01	2023-05-24	407 B	1.2 kB	172.255.6.251
maibaume.com	unknown	2022-04-07	2022-07-05	2023-06-09	454 B	11 kB	139.45.197.151

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-09 05:13:29	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-06-09 05:13:29	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	ww2.dramacool9.ac/operation-red-sea/	87 B	2023-03-07	2024-04-26
Pretty URL ww2.dramacool9.ac/operation-red-sea/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:26 Last Seen2024-04-26 15:14:15 Times Seen6014 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	onvictinitor.com/apu.php?zoneid=5774196	80 kB	2023-06-09	2023-06-09
Pretty URL onvictinitor.com/apu.php?zoneid=5774196 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash 5e8f85c0809bdad3005174436ff0314e 0fdfb9cac87075287539d4b7923854f5bdd94898 6633a0fb0470932e086e8178805a237447a58a7aff67bfd1de9adfc27d450ace Loading...

	ww2.dramacool9.ac/js/jquery-3.1.1.min.js?ver=3.1.1	87 kB	2023-03-07	2024-04-26
Pretty URL ww2.dramacool9.ac/js/jquery-3.1.1.min.js?ver=3.1.1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 14:22:14 Times Seen263941 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133	749 B	2023-04-13	2024-01-28
Pretty URL platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-13 11:09:26 Last Seen2024-01-28 08:33:59 Times Seen21 Hash ea5abc8c4308d08d00bfa447692e3abd c01d4a151581f2d90256e5cb820d82b5c64f235a 7d548853bce83ec5b6da853c9ad33ae0e7ca860eee953fe06363e9bfec1a32dd Loading...

	rq.boyishabow.com/1clkn/16782	6 B	2023-03-07	2024-04-26
Pretty URL rq.boyishabow.com/1clkn/16782 IP 172.255.6.251 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-04-26 11:01:41 Times Seen13631 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	ww2.dramacool9.ac/operation-red-sea/	77 B	2023-05-18	2023-07-07
Pretty URL ww2.dramacool9.ac/operation-red-sea/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 10:12:10 Last Seen2023-07-07 18:48:53 Times Seen5 Hash 9eccab3f44e22285a5a5753fd876edba 6b77d881d616fe1a191d950174c96472fa702eca c7052f936991cd8235f6c4cb2cab2b18d3cf3d1bba0d1593d6847548122c29f5 Loading...

	ww2.dramacool9.ac/operation-red-sea/	125 B	2023-05-18	2024-02-27
Pretty URL ww2.dramacool9.ac/operation-red-sea/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 10:12:10 Last Seen2024-02-27 14:51:39 Times Seen18 Hash c732d1eebd62769de9c9d833946e770a ec7954776885fc2195f79c8707c048ee0768297f af8cf4eec3c44e60c3daf8dfa68ea2ce562795f6ece0fc5e39fe7575949b0a0a Loading...

	ww2.dramacool9.ac/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1681098662	11 kB	2023-03-08	2024-04-25
Pretty URL ww2.dramacool9.ac/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1681098662 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:27:25 Last Seen2024-04-25 19:45:26 Times Seen5617 Hash 94bc4228bb5941670e191e40a6bc44bd ad06418894462185e7eecc1421310f552e1e5e36 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527 Loading...

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833	824 B	2023-06-09	2023-06-09
Pretty URL platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833 IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash 377e28044584357ee10ca2f7c1241a9c 1c6e69ec053cbc588819b308ed9e343d327e4c34 1ccdcbf93f4bb13a02b423c764d8fe2292fcbe7d142455cf235c48c394a885bc Loading...

	ww2.dramacool9.ac/operation-red-sea/	111 B	2023-03-08	2024-04-04
Pretty URL ww2.dramacool9.ac/operation-red-sea/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:32:11 Last Seen2024-04-04 17:05:57 Times Seen32 Hash b246841af667862d6c4182ba76536b2d e487c5954e2625250ab8800436f5a689323c6407 22bffc1915e3f3a8af11d1a04dbb0e34bbd82a9d8284cb32142d42d04cc1dace Loading...

	ardslediana.com/5/5772822	69 kB	2023-06-09	2023-06-09
Pretty URL ardslediana.com/5/5772822 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen2 Hash 6b295f4d5a9d6e7633edf007fbd7307a f797d31d9567f5637cdb0f6ea551a971daba2435 ab6f29479d2cb76d4f1ca7cdf9a67799f8f3e52c4ea11e1179fc229c2caff7bb Loading...

	cdn.pubfuture-ad.com/v2/unit/pt.js	6.6 kB	2023-05-08	2023-07-18
Pretty URL cdn.pubfuture-ad.com/v2/unit/pt.js IP 104.26.0.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 18:57:55 Last Seen2023-07-18 10:00:36 Times Seen253 Hash 682292a8592cf915768cad01e4b3222d 7cac4c7f0693fe9296ced91b9ea1c60b2475600b 74075ecdd502ca9121a9d6a11e8824771cea3c7e158726e01a2964c750766e1d Loading...

	platform.bidgear.com/ads.php?zoneid=3133&domainid=2175&sizeid=2&wu=https%3A%2F%2Fww2.dramacool9.ac%2Foperation-red-sea%2F	708 B	2023-06-09	2023-06-09
Pretty URL platform.bidgear.com/ads.php?zoneid=3133&domainid=2175&sizeid=2&wu=https%3A%2F%2Fww2.dramacool9.ac%2Foperation-red-sea%2F IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen2 Hash 587cd57930b9ae058dce2d9740a5adc4 144f935a70537edbbc35d7766d47a6667c2cd5db 735d1acbf81c80d423f034201177fe79a263cb7ef03b2922f1384467d89e732f Loading...

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833	824 B	2023-06-09	2023-06-09
Pretty URL platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833 IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash fd98c7e237888e9f6bf9ce8ed1bd36a8 179d6dde79856b2cf8e513ed14975b32b0a4c192 a5dbc3cef559c6724627400d9170a4245420948247e5c3127540cb30d76484e3 Loading...

	ww2.dramacool9.ac/wp-includes/js/comment-reply.min.js?ver=6.1.2	3.0 kB	2023-03-07	2024-04-26
Pretty URL ww2.dramacool9.ac/wp-includes/js/comment-reply.min.js?ver=6.1.2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 13:21:22 Times Seen29336 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	vooodkabelochkaa.com/btag_poc.min.js	5.4 kB	2023-03-10	2024-04-24
Pretty URL vooodkabelochkaa.com/btag_poc.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:32:46 Last Seen2024-04-24 06:49:11 Times Seen243 Hash 4c10c15760be2c91a304486738ef7ad7 4e86dd6b350283c719bf2a7a98925ce0c88e5af7 753a421588d7e7e7beec7b6354712a7f9ed6e03a54c1c88d777979f9d736a268 Loading...

	ardslediana.com/5/5772822	69 kB	2023-06-09	2023-06-09
Pretty URL ardslediana.com/5/5772822 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen2 Hash 5690be3d745d007f9806f65ad12805dd 55a7fc1083fc0b53e6ccf8d4349d939b8ce040e0 cc728f974d08eaf0824d8f1b18cbe0ef536e9cc5625ff77ec94b6ff06e8653ab Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1	3.4 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:01 Last Seen2024-04-25 19:23:04 Times Seen1642 Hash 5c01d7aff077b4ed0804b71c2e3ab4a1 56b4c94cff0d5fdfca579eac85da28a767607644 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e Loading...

	ww2.dramacool9.ac/wp-content/themes/dramacool9/js/main.js?ver=20171003	9.5 kB	2023-05-09	2023-11-10
Pretty URL ww2.dramacool9.ac/wp-content/themes/dramacool9/js/main.js?ver=20171003 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 03:01:42 Last Seen2023-11-10 04:07:19 Times Seen16 Hash 50f1ead28141e3000bee2c22cc9b4d3f 0f2a3e5447fd52529191b2615e7480def1a4d007 4b0f26f43e0dc5613b2e602a67bcd802d8e5cbaf0ab0c2b0d1488fbfdde8315b Loading...

		Size	First Seen	Last Seen
	#1 Write - b791bbb402ce341c2391a24171781c8f	791 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash b791bbb402ce341c2391a24171781c8f 0e5cc57cf546665358ce287ecb7e50417a867f04 c4470a6bab179f7c11b79b7ccee5a04a90da3dc0deb1b422449d5e231540c93c Loading...

	#2 Write - ef3bf3b48a86d5a77abd4de17a1f2ed2	170 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash ef3bf3b48a86d5a77abd4de17a1f2ed2 c9b642eb3c9f2da62ce0c89e799aa89e0e8e20d9 70ec215bdcc793ad4d473ee383fb0ec3541c3c530608780238bd038b0d21cde9 Loading...

	#3 Write - ee74712d7aade7d332f3f6a6a1a5aec0	678 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash ee74712d7aade7d332f3f6a6a1a5aec0 8757bea2ac28543af891f6fde9a7490bfe86c1aa 642defd5525dc3e5b0277b8539fb2813a5e7a82987c1e5a1ee30aa5de8324945 Loading...

	#4 Write - 695e97e761a8961620b24c5e0b1b067f	791 B	2023-06-09	2023-06-09
Pretty Observations First Seen2023-06-09 07:13:50 Last Seen2023-06-09 07:13:50 Times Seen1 Hash 695e97e761a8961620b24c5e0b1b067f eac559610e0220a07d4992557643333db8226777 73a42ef82dead00eb6f1eff6d0506984b464e91096cc8e5f670f15eca969be52 Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	www.dramacool9.ac/operation-red-sea/	188.114.97.1	301 Moved Permanently	0 B
URL User Request GET HTTP/1.1 www.dramacool9.ac/operation-red-sea/ IP 188.114.97.1:80 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /operation-red-sea/ HTTP/1.1 Host: www.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jun 2023 05:13:29 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Fri, 09 Jun 2023 06:13:29 GMT Location: https://ww1.dramacool9.ac/operation-red-sea/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt3TBxoG1kFXZOLV1PaFxMs3mIqd89LmqgbSfX%2B1DjNRZCYBOMoN4KmKDd8u11J0RSb5Sio5U7S6255RxILCbfPap68HurP4JM7D2HvSaj9t8zxAh949vsvUahjEFBJdTpvlfg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d46e2b94a08b4f3-OSL alt-svc: h2=":443"; ma=60

	ww2.dramacool9.ac/wp-content/themes/dramacool9/images/logo.jpg	188.114.97.1	200 OK	5.0 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/images/logo.jpg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 970x73, components 3\012- data Size 5.0 kB (4967 bytes) Hash dfe71b61ff24c02a7e32961126f1f2b0 494a18fae5a5548b186f61c3413a8ddaed2a896f 40aa0428d1ca81211efca4d159a7734b5bfc7b480f2af6106bd7b99cba004901 HTTP Headers `GET /wp-content/themes/dramacool9/images/logo.jpg HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: image/jpeg content-length: 4967 last-modified: Tue, 24 Jan 2023 04:12:43 GMT etag: "63cf5abb-1367" expires: Fri, 07 Jul 2023 01:27:59 GMT cache-control: max-age=2592000 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ69yv5NGMFo%2Fnn%2Ft%2FytWR7Sn4qea%2BYyxGNlLd5hxF71hjYGQUqyVyBb17XOX9MssLPbejoDZfKiQRhMIjzCRg9J2q5hG9Y4pYFniDB2QuVM7n9NlKfyR6CKtmqnscLToYIbAA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2bd6ba3b4f9-OSL alt-svc: h3=":443"; ma=86400

	www.dramacool9.pw/operation-red-sea/	188.114.96.1	301 Moved Permanently	1.3 kB
URL User Request GET HTTP/2 www.dramacool9.pw/operation-red-sea/ IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.pw Fingerprint11:7C:E6:5F:02:81:C1:BB:D9:84:A5:77:B9:DC:89:B9:81:AA:66:BA ValiditySun, 23 Apr 2023 01:54:25 GMT - Sat, 22 Jul 2023 01:54:24 GMT File type data Size 1.3 kB (1282 bytes) Hash 8192a479fbbeecd208050bb76d14686f cdde66a9ac03ade9f0e692ef55c2357878321685 6abad773b995a03424926bd51059b0ea675ca0631c27a1e48d84cef38279747e HTTP Headers `GET /operation-red-sea/ HTTP/1.1 Host: www.dramacool9.pw User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 09 Jun 2023 05:13:29 GMT content-type: text/html location: http://www.dramacool9.ac/operation-red-sea/ cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKroz9qrcy7egdODdTDbfMfRmhgxS8KHgi%2B2MPu0SwqsG2%2FdQsxE0u%2Baf1xo7H0kyacKrvpN7PaizkCxmnYtomXkX%2BXe6drQZLVayoAJ5sPRiEuxlcTV8OQXk89Xb%2Fae%2FKW6ag%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2b88b0afabc-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/themes/dramacool9/fonts/simple-line-icons.woff?v=2.3.3	188.114.97.1	200 OK	16 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/fonts/simple-line-icons.woff?v=2.3.3 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type Web Open Font Format, CFF, length 15472, version 1.0\012- data Size 16 kB (15472 bytes) Hash 902c481d0bfc7ba95a1725de43572979 aaf3337bb9cdbe586a1f11b57adee6d5b220667b e9759750d37fbbaa7144bd7435964e2dd94def6abbe2385265fb636873e4816b HTTP Headers GET /wp-content/themes/dramacool9/fonts/simple-line-icons.woff?v=2.3.3 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: font/woff content-length: 15472 last-modified: Tue, 24 Jan 2023 04:12:33 GMT etag: "63cf5ab1-3c70" strict-transport-security: max-age=15768000 cache-control: max-age=14400 cf-cache-status: HIT age: 3887 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM9uTV4t%2FFh9Kg9qiUIys5UAkBmy4tivRdemErCSjaAeLzxJ2GktkA4s7pPhtrHN95rzdknwQv9yb%2BUGOn1UHa63OdvOo9uTAIcpO1Xf72LXOE1DqppbbP%2B%2F2EKXkCQbGo6TCQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2be6d44b4f9-OSL alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-content/themes/dramacool9/js/main.js?ver=20171003	188.114.97.1	200 OK	7.7 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/js/main.js?ver=20171003 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text Size 7.7 kB (7706 bytes) Hash 50f1ead28141e3000bee2c22cc9b4d3f 0f2a3e5447fd52529191b2615e7480def1a4d007 4b0f26f43e0dc5613b2e602a67bcd802d8e5cbaf0ab0c2b0d1488fbfdde8315b HTTP Headers `GET /wp-content/themes/dramacool9/js/main.js?ver=20171003 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript last-modified: Wed, 19 Apr 2023 09:48:49 GMT vary: Accept-Encoding etag: W/"643fb901-24fb" expires: Wed, 14 Jun 2023 01:27:59 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw%2FMdR8SBBaBafAu7jU7gV33hWxBpK2Nn8ylxmwGXL2%2Fu62%2BbyDSMbvMwqPe1QpjCNc8Cagi63MJwF6%2BUZjhZZxvQYhRTmazHbXpckS39jHUiYuj3dXKd1aVFiRpgBefRvRttw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd6bb2b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rq.boyishabow.com/1clkn/16782	172.255.6.251	200 OK	26 B
URL GET HTTP/1.1 rq.boyishabow.com/1clkn/16782 IP 172.255.6.251:443 ASN #7979 SERVERS-COM Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectrq.boyishabow.com Fingerprint5C:1A:E1:7E:A3:74:CE:81:14:32:4C:79:2A:12:4F:DE:2D:2C:30:C4 ValidityMon, 01 May 2023 14:07:34 GMT - Sun, 30 Jul 2023 14:07:33 GMT File type ASCII text, with no line terminators Size 26 B (26 bytes) Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 HTTP Headers `GET /1clkn/16782 HTTP/1.1 Host: rq.boyishabow.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: nginx Date: Fri, 09 Jun 2023 05:13:30 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sat, 10-Jun-2023 05:13:30 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMuqwjAURWuquRalsuF%2BgD9g8TlwqvN24AeEUo8SqDkhiY%2F69doK4mSzWbBWFEXiP4XQFuPtItvOs%2FUyW2zWiM%2FEEHmBccVXE1yjTHkhyJzdvWwgHZ01G4j5CqPPVxUfCYO8mP2wThoVvubpvu006Fe63RYhaf%2FH%2B3t7HYu1t0h3tX5MD1xfw7vikRgKyluiI5I9O8uuDIT0S7uGjDHUXlnHj0b2MAn6Qk82pPh08hSkQO8m4xc5rkgf; expires=Sat, 10-Jun-2023 05:13:30 GMT; Max-Age=86400; path=/; secure; SameSite=None Content-Encoding: gzip Vary: Accept-Encoding Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff

	platform.bidgear.com/ads.php?zoneid=3133&domainid=2175&sizeid=2&wu=https%3A%2F%2Fww2.dramacool9.ac%2Foperation-red-sea%2F	172.67.74.36	200 OK	995 B
URL GET HTTP/2 platform.bidgear.com/ads.php?zoneid=3133&domainid=2175&sizeid=2&wu=https%3A%2F%2Fww2.dramacool9.ac%2Foperation-red-sea%2F IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (708), with no line terminators Size 995 B (995 bytes) Hash 587cd57930b9ae058dce2d9740a5adc4 144f935a70537edbbc35d7766d47a6667c2cd5db 735d1acbf81c80d423f034201177fe79a263cb7ef03b2922f1384467d89e732f HTTP Headers `GET /ads.php?zoneid=3133&domainid=2175&sizeid=2&wu=https%3A%2F%2Fww2.dramacool9.ac%2Foperation-red-sea%2F HTTP/1.1 Host: platform.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVl2gKhdNXyuQ3Ddif%2BjlHLfYwMTMlur1LoVMkD4gJqsl5yVTI0gFbUmhzkuXsuEsYzJwGei%2BMhOajniFhDSjHL3KDZkV%2FAcXwgn%2BfCyEg3PA7Sju7CMBUoTs2tmBC%2FNTQ148%2B6Y"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bf5e34b4f1-OSL content-encoding: br X-Firefox-Spdy: h2

	ww2.dramacool9.ac/js/jquery-3.1.1.min.js?ver=3.1.1	188.114.97.1	200 OK	32 kB
URL GET HTTP/3 ww2.dramacool9.ac/js/jquery-3.1.1.min.js?ver=3.1.1 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text, with very long lines (32030) Size 32 kB (31503 bytes) Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf HTTP Headers `GET /js/jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript last-modified: Thu, 26 Jan 2023 08:09:36 GMT vary: Accept-Encoding etag: W/"63d23540-152b5" expires: Wed, 14 Jun 2023 01:27:58 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngKPazTVu6FZJmhlOC7A%2BPcPjZZtgUXP2ZFp83hXEauUXwmnKmAx8LxuE8b0bmBtHKKedyE1Avfo%2BgCC5W3aWtFEtMmUQR3ZUG%2F4V%2BcjelcKe%2BqGGY6mDhmQnFluCv1RwUMN6Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd6b98b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-content/plugins/search-filter/style.css?ver=1	188.114.97.1	200 OK	845 B
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/plugins/search-filter/style.css?ver=1 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text Size 845 B (845 bytes) Hash 3b954135677c0387989e5fc0404c3439 7a017fbbdc742e0c6e7917a6a28e38f11dfff1e9 071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020 HTTP Headers `GET /wp-content/plugins/search-filter/style.css?ver=1 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Thu, 26 Jan 2023 06:29:54 GMT vary: Accept-Encoding etag: W/"63d21de2-241" expires: Wed, 14 Jun 2023 01:27:59 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj%2Boqk3uBmAre%2BLsskYDrX4mzdpSVasuVG1pnLNyYeHWyMnw2%2F%2FuNnLbBJOXZyEmaTQnfQ0N90ZTK6Hcz0TYGMMnHZq0cEj3og04IurUf7Lsw8fadm7012JpAnb%2FCJNe7cLytg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd4b66b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	imp9.bidgear.com/rec?t=1&z=6833&uuid=966fbabb685a4bdeba4b4954cf0bbf4b&p=58&g=NO&token=4a44335432&tbg=1686287610	172.67.74.36	200 OK	599 B
URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=6833&uuid=966fbabb685a4bdeba4b4954cf0bbf4b&p=58&g=NO&token=4a44335432&tbg=1686287610 IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data Size 599 B (599 bytes) Hash ca49a7e783b806a4e8576ea80346203d 6fe9d083221dae98f6c76f7121c37bc884b02d82 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28 HTTP Headers GET /rec?t=1&z=6833&uuid=966fbabb685a4bdeba4b4954cf0bbf4b&p=58&g=NO&token=4a44335432&tbg=1686287610 HTTP/1.1 Host: imp9.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/jpeg content-length: 599 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrD2%2Bj%2FrFKjtYUTOG9wMBF2BH0wzbwM0v0cc78Eq3uTByDjpvq8UjOQx78D%2B4nN9McIgLBANVbHdq95eeDZHeF%2BsUEMgBynn7SD61FtO68r5UoBSDOzxAtSmKb9VASPI%2BbI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c10f6eb4f1-OSL X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1681098662	188.114.97.1	200 OK	14 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1681098662 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text Size 14 kB (13832 bytes) Hash 94bc4228bb5941670e191e40a6bc44bd ad06418894462185e7eecc1421310f552e1e5e36 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527 HTTP Headers `GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1681098662 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript last-modified: Mon, 10 Apr 2023 03:51:02 GMT vary: Accept-Encoding etag: W/"643387a6-29ed" expires: Wed, 14 Jun 2023 01:27:32 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186358 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqAVP8s3vvviyPlzc%2Fl60AwFfq768QmIDBHF2%2B42divS37ta%2FVXXhJMgyP6DujOfn3b98C544eFZoAQ8%2BNQ6%2FC2EaUKckKalasQ5MYR%2F%2B7HXyv7yYZq5kVc3tBzipnBChRPirg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd7bc2b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	maibaume.com/contents/s/66/4e/f4/7e5e57a086571a3ab30d1a2366/01631712729950.png	139.45.197.151		11 kB
URL GET maibaume.com/contents/s/66/4e/f4/7e5e57a086571a3ab30d1a2366/01631712729950.png IP 139.45.197.151:0 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ File type PNG image data, 300 x 250, 8-bit colormap, non-interlaced\012- data Size 11 kB (10778 bytes) Hash 664ef47e5e57a086571a3ab30d1a2366 e0b40ea9002df5c090ca6426e73e9363fd121873 fd76a538f793b17d97c6773a83db4094e59377b0c6d431a8c7bc79c503287352 HTTP Headers `GET /contents/s/66/4e/f4/7e5e57a086571a3ab30d1a2366/01631712729950.png HTTP/1.1 Host: maibaume.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/png content-length: 10778 last-modified: Tue, 20 Sep 2022 15:57:36 GMT vary: Accept-Encoding etag: "6329e2f0-2a1a" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges: bytes X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/uploads/2019/03/operation-red-sea-220x320.jpg	188.114.97.1	200 OK	21 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/uploads/2019/03/operation-red-sea-220x320.jpg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 220x320, components 3\012- data Size 21 kB (20738 bytes) Hash 03c0c490f06bbd36c2f3f2d735181813 24f2d6eeae9a65e8e2784c75545dc80d82552924 0d40bde9759d8fc32602653c23de19e27d877941fac71a8ec160dccb8c2aa15b HTTP Headers `GET /wp-content/uploads/2019/03/operation-red-sea-220x320.jpg HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/jpeg content-length: 20738 last-modified: Sun, 28 Apr 2019 14:17:31 GMT etag: "5cc5b5fb-5102" expires: Sun, 09 Jul 2023 05:13:31 GMT cache-control: max-age=2592000 strict-transport-security: max-age=15768000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM5rVrl92841FbHEyVZdn%2BKYPrxkcBaZOiFnTV%2FtzQtHNcTVvh1YyrV7%2BDxEXGAng7BDsJQxmTM03W55GcFFsY94PK1symVjITsA0jcqeHVyFJ2Gxx1IOyCG%2BtPJBGCg21Hu4Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2c1f9c8b4f9-OSL alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-content/uploads/2023/05/cropped-favicon-32x32.png	188.114.97.1	200 OK	2.1 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/uploads/2023/05/cropped-favicon-32x32.png IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size 2.1 kB (2117 bytes) Hash 77b0d1202256ecfa1eb2e891e50bb06b bd79d49cf9938876987daf985cb70261810a5495 6b5e0e7f2259f8e4825bad14ad6eb563b2aecea8c67e81036387610b5038a925 HTTP Headers `GET /wp-content/uploads/2023/05/cropped-favicon-32x32.png HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/png content-length: 2117 last-modified: Thu, 18 May 2023 09:53:12 GMT etag: "6465f588-845" expires: Fri, 07 Jul 2023 01:28:04 GMT cache-control: max-age=2592000 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186327 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJf4A%2FhzNmnlvNymVIS1Mg7t6ORfl%2BlYGqdR4KReDWdUa%2BpoN1woSvVkzp6dgkQ1pxmLDTH6WW3uWoQeOhqtLP9fGSHnD8UX0qU3C%2F7BJUkRrougq5DfynsMZXVZqFott2737g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2c3cc5cb4f9-OSL alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-content/uploads/2023/05/cropped-favicon-192x192.png	188.114.97.1	200 OK	14 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/uploads/2023/05/cropped-favicon-192x192.png IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Size 14 kB (13587 bytes) Hash 757d39b98f1f77ca8a0c35cd7e05d98b 4c449459fe9819de585a299187e424e34ee17529 4e04f0050690cc571de40a94f8f16da412f3a78894f1d79e935050f305e2bd92 HTTP Headers `GET /wp-content/uploads/2023/05/cropped-favicon-192x192.png HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/png content-length: 13587 last-modified: Thu, 18 May 2023 09:53:12 GMT etag: "6465f588-3513" expires: Fri, 07 Jul 2023 01:27:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186362 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xQKT59WLUgrItqFSwlSLB88FRo0bej2uI%2FEyb2tenArAJildLiM0Bnlh1dG49O1HRhYcIsIxCvFKZC0CT4e%2F1aGTqx4cbBDxEf%2F%2BIsEctDad9iq2lsU4jmdkH0tgHw857Atpg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2c3cc5ab4f9-OSL alt-svc: h3=":443"; ma=86400

	static.a-ads.com/a-ads-banners/407258/300x250?region=eu-central-1	78.46.33.196	200 OK	621 kB
URL GET HTTP/2 static.a-ads.com/a-ads-banners/407258/300x250?region=eu-central-1 IP 78.46.33.196:443 ASN #24940 Hetzner Online GmbH Requested by https://ad.a-ads.com/2215155?size=300x250 Certificate IssuerSectigo Limited Subject.a-ads.com Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT File type GIF image data, version 89a, 300 x 250\012- data Size 621 kB (621339 bytes) Hash c8694e7d5d3b9a928d4d57026ac2b68b 169b9f311167e19bd5061b53fc7e4f528e3ba7a9 0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a HTTP Headers `GET /a-ads-banners/407258/300x250?region=eu-central-1 HTTP/1.1 Host: static.a-ads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad.a-ads.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/gif content-length: 621339 x-amz-id-2: wFVbJOwtcGRq9HsjCmTAEh7LtXAjaJ8lmeSAXDP3cyNeTIJ0kNzZZuIhRBaSwYvkxDnU5HEd0/g= x-amz-request-id: CCG3MHYNGS2BZQEP x-amz-replication-status: COMPLETED last-modified: Fri, 05 Aug 2022 10:27:24 GMT etag: "c8694e7d5d3b9a928d4d57026ac2b68b" cache-control: max-age=315360000 x-amz-version-id: 4Mo2D8..v2g7Hr5lFGow.NiBZmPPXN08 expires: Thu, 31 Dec 2037 23:55:55 GMT accept-ranges: bytes X-Firefox-Spdy: h2

	ip2geo.pubfuture-ad.com/detail	172.67.70.21	200 OK	33 B
URL GET HTTP/2 ip2geo.pubfuture-ad.com/detail IP 172.67.70.21:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT File type JSON data\012- , ASCII text, with no line terminators Size 33 B (33 bytes) Hash 007af5ffed017e37943df31888ef8666 2877ed4c460ba9164b3625e32502a9d83a2a1d4a bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2 HTTP Headers `GET /detail HTTP/1.1 Host: ip2geo.pubfuture-ad.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ww2.dramacool9.ac/ Origin: https://ww2.dramacool9.ac DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/json; charset=utf-8 content-length: 33 content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo" cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sN86vN9%2FbNtRLfFoXhbql6Uat5DGXlfrdmTMHRdJgHovc3jPYMDlQJYu4FYrdZWVBnleuneh4M%2FI3SA2%2BHczrQiDfACr%2FKrA%2BR6%2F3Uiqe03P1SZUNeHGtiYqEy8yQx25F3hmwuqlhv4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c199acb500-OSL X-Firefox-Spdy: h2

	ww1.dramacool9.ac/operation-red-sea/	188.114.97.1	301 Moved Permanently	36 kB
URL User Request GET HTTP/2 ww1.dramacool9.ac/operation-red-sea/ IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type data Size 36 kB (35484 bytes) Hash a3ed4f3abf1162c01252d2e970d3931c 2fe1e7726f5a07f973c83187a9ca9c34965defc7 400045147b81e2e1369dc646a2814a59564e8952f99cfa815e0607311859d64a HTTP Headers `GET /operation-red-sea/ HTTP/1.1 Host: ww1.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 09 Jun 2023 05:13:29 GMT content-type: text/html location: https://ww2.dramacool9.ac/operation-red-sea/ strict-transport-security: max-age=15768000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7qGWaOTa4x9A1LNg9bMbp9v1UvWznDJuH5UNrVVRkZGNiVHi9VIEwYNnJcffAJLnEkogOshjl5S64YPBi4gIcBFgwqTiCnMbgw5c6ntVkMW6B4CsSmNxeYksc3iVt8CFxX7eg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2b98babb4f4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	my.rtmark.net/gid.js?userId=b0458c73f97449b1b86cd4254c69ce10	139.45.195.8	200 OK	65 B
URL GET HTTP/2 my.rtmark.net/gid.js?userId=b0458c73f97449b1b86cd4254c69ce10 IP 139.45.195.8:443 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash 379f2509ba235a098bbea78d1fc6ca76 1e26984084c079d8f5c4fba10c7417395caad33a 6b0a12c38c4826b1bebdba0da8d4f3c6bc16bcdb630e53e6afd23a039a1cd070 HTTP Headers `GET /gid.js?userId=b0458c73f97449b1b86cd4254c69ce10 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://ww2.dramacool9.ac DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://ww2.dramacool9.ac access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=b0458c73f97449b1b86cd4254c69ce10; expires=Sat, 08 Jun 2024 05:13:31 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	onvictinitor.com/apu.php?zoneid=5774196	139.45.197.238	200 OK	31 kB
URL GET HTTP/2 onvictinitor.com/apu.php?zoneid=5774196 IP 139.45.197.238:443 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectonvictinitor.com FingerprintDF:F5:D9:76:24:51:41:DA:92:78:06:06:34:98:D1:98:2E:E7:88:5E ValidityFri, 26 May 2023 05:36:56 GMT - Thu, 24 Aug 2023 05:36:55 GMT File type gzip compressed data, max speed, from Unix\012- data Size 31 kB (30611 bytes) Hash 2d94ae4d75efd5c84b1c448ee1c74461 f6ce659e7f4f244a1397244406348a66896b9b4f f3561ffa97f4445f0fb7ea3d4e08a83e8d068bb0cb32cec9cb8a85abe374d5fd HTTP Headers `GET /apu.php?zoneid=5774196 HTTP/1.1 Host: onvictinitor.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/javascript x-trace-id: c5653aaf507cc49b5b967aa170b01f72 link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT set-cookie: OAID=5f444174e9344b7998295c794653c08e; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None oaidts=1686287611; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2

	corpulentoverdoselucius.com/38/0d/c7/380dc7535f8c6acf3a1697ae86962028.js	192.243.61.225	403 Forbidden	0 B
URL GET HTTP/1.1 corpulentoverdoselucius.com/38/0d/c7/380dc7535f8c6acf3a1697ae86962028.js IP 192.243.61.225:443 ASN #39572 DataWeb Global Group B.V. Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectcorpulentoverdoselucius.com FingerprintD7:C8:D0:0A:76:5B:EB:66:0F:41:0B:6D:8B:43:0D:08:81:72:55:C3 ValidityThu, 11 May 2023 06:17:13 GMT - Wed, 09 Aug 2023 06:17:12 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /38/0d/c7/380dc7535f8c6acf3a1697ae86962028.js HTTP/1.1 Host: corpulentoverdoselucius.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Server: nginx/1.19.5 Date: Fri, 09 Jun 2023 05:13:32 GMT Content-Type: application/javascript Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

	vooodkabelochkaa.com/btag_poc.min.js	188.114.96.1	200 OK	5.4 kB
URL GET HTTP/2 vooodkabelochkaa.com/btag_poc.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subject.vooodkabelochkaa.com Fingerprint2E:47:51:A5:44:8B:D2:31:14:66:E5:C2:25:DB:92:1F:69:9A:D4:CE ValidityTue, 11 Apr 2023 14:19:56 GMT - Mon, 10 Jul 2023 14:19:55 GMT File type ASCII text, with very long lines (5530), with no line terminators Size 5.4 kB (5370 bytes) Hash f430e348d5b0d1acbb48bddd4dbd98f5 25fe0c8c9ee1fe609c71ad176c5ba068b996d108 08ed3bf110b788f2e83931f36d25b626140e0a69ae33b466c588ffa1c93c5d7a HTTP Headers `GET /btag_poc.min.js HTTP/1.1 Host: vooodkabelochkaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript last-modified: Thu, 01 Jun 2023 18:17:49 GMT etag: W/"6478e0cd-14fa" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control: max-age=14400 cf-cache-status: HIT age: 4967 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP8eJsOIS1b1Ib%2BjuqQtC2vCPaDy6YPU991xfdVSxpN30a81nhrjvDB1rdYKaj%2FmorVM%2FrxzsMOmg4lfmt2temkuUe8TAUuJl5Zv86uTGcClJ6DP7UfmDKfc78cdgqGqr6Z2h2Q8EA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2c0691b0b45-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.pubfuture-ad.com/v2/unit/pt.js	104.26.0.97	200 OK	6.6 kB
URL GET HTTP/2 cdn.pubfuture-ad.com/v2/unit/pt.js IP 104.26.0.97:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (6778), with no line terminators Size 6.6 kB (6612 bytes) Hash 0111fa8d579e88268584595c79ad05d8 557bd8adf0625893e0ede25162f2cee913ae702c 0e2968fc4d954021c6a483bf6195122c7934c97b6bc495e2c46e4382b2ee0ae4 HTTP Headers `GET /v2/unit/pt.js HTTP/1.1 Host: cdn.pubfuture-ad.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript; charset=utf-8 cache-control: public, max-age=172800 cf-bgj: minify access-control-allow-origin: * content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests etag: W/"19d4-fKxMfwaT/pKWztkbnqHGCyR1YAs" expect-ct: max-age=0 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains vary: Accept-Encoding x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 cf-cache-status: HIT age: 62573 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcdJqaV3se7kOgctF0Gew9AqYWWAzLxTzAkh7CruvSyriZAUobRL3T%2Flvc45onjGPQmXXVdPKvkqCIslk9EiQmfJ3GTQQiInwOTJIm%2FPYQ%2FymIXBh0HzwLN5uBocHAcoGo%2B0Zryy"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bde89bb50c-OSL content-encoding: br X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/themes/dramacool9/images/bg.jpg	188.114.97.1	200 OK	4.6 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/images/bg.jpg IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 306x612, components 3\012- data Size 4.6 kB (4575 bytes) Hash cfe58fca64d462c7f2144067f7537644 b49b3252a5abef7f2b4d3fab5c3067984c3e4811 5537535a9a23ece6018f2e10f7f6eb80cea6bb3cd2df07f09d17e8422a014444 HTTP Headers `GET /wp-content/themes/dramacool9/images/bg.jpg HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/wp-content/themes/dramacool9/style.css?ver=6.1.2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: image/jpeg content-length: 4575 last-modified: Tue, 24 Jan 2023 04:12:39 GMT etag: "63cf5ab7-11df" expires: Fri, 07 Jul 2023 01:27:59 GMT cache-control: max-age=2592000 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPAQdSYMilU8HQql1AD8gChC27OlflsxLrUX4T8BMU4qvCnqwOYT2CxP9v5aFteeezeRycgSKQA4lw6zgwCANX77iLkPxc%2FHBPS6L9Oi6KNJrd8c7MFADn7Ojfqn0CnkjLU9QA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2be6d41b4f9-OSL alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-content/themes/dramacool9/style.css?ver=6.1.2	188.114.97.1	200 OK	53 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/style.css?ver=6.1.2 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type Size 53 kB (52713 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /wp-content/themes/dramacool9/style.css?ver=6.1.2 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Mon, 05 Jun 2023 18:36:51 GMT vary: Accept-Encoding etag: W/"647e2b43-cde9" expires: Wed, 14 Jun 2023 01:27:58 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmobGrtfvxKoVQ4xho0Y6Ni1rrDzucUypuOVBxL6Um7Uk%2B65IjpjQ5af6Jl%2BpUv5xkVWmZ58%2Bovr0fWMeujmYSTqzCr7TVC61%2BMRVKvBmNKrmC4t%2BQ1C9ZAjHrw3iGdgMq3wDQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd4b6eb4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	imp9.bidgear.com/rec?t=1&z=3133&uuid=afe1e022096e42d69c1adfd62eb02f35&p=25&g=NO&token=4a44335432&tbg=1686287610	172.67.74.36	200 OK	599 B
URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=3133&uuid=afe1e022096e42d69c1adfd62eb02f35&p=25&g=NO&token=4a44335432&tbg=1686287610 IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data Size 599 B (599 bytes) Hash ca49a7e783b806a4e8576ea80346203d 6fe9d083221dae98f6c76f7121c37bc884b02d82 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28 HTTP Headers `GET /rec?t=1&z=3133&uuid=afe1e022096e42d69c1adfd62eb02f35&p=25&g=NO&token=4a44335432&tbg=1686287610 HTTP/1.1 Host: imp9.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/jpeg content-length: 599 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmVvq2rM77W4fbgz6%2F4%2FbGQ89rE0kYA1zEduqYWeYLCmdmK1lUVKKdPOExSruFR%2BvFaXmgBm6vI5Fz65U2qANmFddluVkFYCfnMYBIEAL3E4sgL6yYVePHzAEqnhob8X1gA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c04eddb4f1-OSL X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1	104.17.25.14	200 OK	3.4 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT File type ASCII text, with very long lines (3454), with no line terminators Size 3.4 kB (3381 bytes) Hash 60d2900c5bd77480d72c87a0757e53a4 a14ab5f1d902491ad7d9e0be7f7df2d2047a587f d86dbcd6ce632288c61916f31f7df15a4570d569cfb3d2017bec1193d86c2a5f HTTP Headers `GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript; charset=utf-8 content-length: 1120 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec4-d35" last-modified: Mon, 04 May 2020 16:11:48 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 9347 expires: Wed, 29 May 2024 05:13:30 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMPoiYYwqqsy5U8GF6IJedpP%2FlfGm7DHm7raxxStld2RSJqc1BJOrYj268VIL2zgmw1om%2FGPx2iEzn1VGBuTh5%2FDsqnDUiDtjqYjmw65dIFyqTPk%2FGkGc9J1i%2Fu1v3pj23bb8jLK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7d46e2bd8f110b51-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=6.1.2	188.114.97.1	200 OK	1.3 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=6.1.2 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text, with very long lines (1274), with no line terminators Size 1.3 kB (1268 bytes) Hash e7020dc2bc93a807f191f04b5c8211dd e690ca6250ff9ba7f497b374dd0a82818bd9c896 6e718cab9d9ddeb0c2ac264f77dbec675c88aba64e20b0cfb7600ce74a4678f1 HTTP Headers `GET /wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=6.1.2 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Thu, 06 Apr 2023 15:24:22 GMT vary: Accept-Encoding etag: W/"642ee426-4f4" expires: Wed, 14 Jun 2023 01:27:58 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OxrDRbxnwbfCcJTIjYfA%2FC3IptSFgB9fON2wp9Nhr9ZfZiDrLhyjR%2Fb%2FqH2rQ7TWBQRpHBPhA45eUo9FvMZvX1gf0WxTo7dnNmUOJKA59Ae9Tjnss3hFzd8RbPHExuhSLw41A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd4b69b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	imp9.bidgear.com/rec?t=1&z=6833&uuid=a3a7d1a0ce9f48568e07a600ad68b476&p=58&g=NO&token=4a44335432&tbg=1686287610	172.67.74.36	200 OK	599 B
URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=6833&uuid=a3a7d1a0ce9f48568e07a600ad68b476&p=58&g=NO&token=4a44335432&tbg=1686287610 IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data Size 599 B (599 bytes) Hash ca49a7e783b806a4e8576ea80346203d 6fe9d083221dae98f6c76f7121c37bc884b02d82 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28 HTTP Headers `GET /rec?t=1&z=6833&uuid=a3a7d1a0ce9f48568e07a600ad68b476&p=58&g=NO&token=4a44335432&tbg=1686287610 HTTP/1.1 Host: imp9.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: image/jpeg content-length: 599 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcwBAJrUwZSkb7HgF%2F2xw8kaHW4OaJEVPwwqvlG7lpY957q6G99EhwPj7Wid%2FqxUmQI%2BINQe%2FJfz7V37j7PKZRTZiyDJoo2HJPOERT042G1iCrBk8QX9EPBOVDVH4I8eB14%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c04edeb4f1-OSL X-Firefox-Spdy: h2

	vooodkabelochkaa.com/btag_poc.min.js	188.114.96.1	200 OK	5.4 kB
URL GET HTTP/3 vooodkabelochkaa.com/btag_poc.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subject.vooodkabelochkaa.com Fingerprint2E:47:51:A5:44:8B:D2:31:14:66:E5:C2:25:DB:92:1F:69:9A:D4:CE ValidityTue, 11 Apr 2023 14:19:56 GMT - Mon, 10 Jul 2023 14:19:55 GMT File type ASCII text, with very long lines (5530), with no line terminators Size 5.4 kB (5370 bytes) Hash f430e348d5b0d1acbb48bddd4dbd98f5 25fe0c8c9ee1fe609c71ad176c5ba068b996d108 08ed3bf110b788f2e83931f36d25b626140e0a69ae33b466c588ffa1c93c5d7a HTTP Headers `GET /btag_poc.min.js HTTP/1.1 Host: vooodkabelochkaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/javascript last-modified: Thu, 01 Jun 2023 18:17:49 GMT etag: W/"6478e0cd-14fa" access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS, HEAD access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control: max-age=14400 cf-cache-status: HIT age: 4968 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RjJa3FARoksM2fIT8ZMVTkZ2ONLoEGSKJvI7CQJKK3CTBzTWxNegQIUn3bTWwPKXLVQikl4JE%2F%2F%2FDhSRNcUL5%2FWWM6B7rh%2FmxONUKtfL6IpmvDZna5SOxAXW28tAUg%2FD5iwlYbLCw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2c10fc21c0e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ww2.dramacool9.ac/wp-includes/css/classic-themes.min.css?ver=1	188.114.97.1	200 OK	217 B
URL GET HTTP/3 ww2.dramacool9.ac/wp-includes/css/classic-themes.min.css?ver=1 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text, with no line terminators Size 217 B (217 bytes) Hash 723bbab25ceea9dadba405ab02269a2d ca26599ff3d31e01e2215965e790ec4f270c0343 18aa9922624232656ab2f2239fa490a6b75e3e99bbdfff63f95a4b7ec376834d HTTP Headers `GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Tue, 25 Oct 2022 13:45:16 GMT etag: W/"6357e86c-d9" expires: Wed, 14 Jun 2023 01:27:58 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186332 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKOncQ7Jo2inHk%2BQqB6h2gCI1peMe6Ncbk5Lf9wdyuwz3Nhw%2B2Kl5aHfR2jfryNTrh%2FHGjBqK66tQtm0qmZLqoLWMvt033DN2cgtHZWSEf7h%2FyC%2FL6SAAKtdTjZUNpr40O7ORA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d46e2bd4b64b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ardslediana.com/?rb=4fjEBZg-ysdbGax9U0SieUxMg_-X2A3rJEgymAlN7MzeK0RQkwqxFNgqnVf2rqRncOARN_4oAgIMSdvH0qPnRBLaa02qgYCEVBsjwkyGPQ2ysdm6dEzDINKJ-VRUjJqPh_R_FSVJICkQLmTfWC9zlItbqTXDS21I4_eBOTOdiALyufryfLjjnL-TMk4%3D&request_ab2=0&zoneid=5772822&js_build=iclick-v1.555.1&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=3&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.555.1&bs=a2f7c68a-4cfa-4cf5-ae54-4cae85b047de&userId=b0458c73f97449b1b86cd4254c69ce10&m=link	139.45.197.236	200 OK	2.1 kB
URL GET HTTP/2 ardslediana.com/?rb=4fjEBZg-ysdbGax9U0SieUxMg_-X2A3rJEgymAlN7MzeK0RQkwqxFNgqnVf2rqRncOARN_4oAgIMSdvH0qPnRBLaa02qgYCEVBsjwkyGPQ2ysdm6dEzDINKJ-VRUjJqPh_R_FSVJICkQLmTfWC9zlItbqTXDS21I4_eBOTOdiALyufryfLjjnL-TMk4%3D&request_ab2=0&zoneid=5772822&js_build=iclick-v1.555.1&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=3&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.555.1&bs=a2f7c68a-4cfa-4cf5-ae54-4cae85b047de&userId=b0458c73f97449b1b86cd4254c69ce10&m=link IP 139.45.197.236:443 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectardslediana.com Fingerprint9B:23:8F:F3:25:9D:CF:D5:05:23:67:19:60:C9:0D:08:8C:3E:DF:BE ValidityThu, 30 Mar 2023 05:14:36 GMT - Wed, 28 Jun 2023 05:14:35 GMT File type troff or preprocessor input, ASCII text, with very long lines (2091), with no line terminators Size 2.1 kB (2061 bytes) Hash 79cff5dd0261367e73094d22fd94a3b7 9e48026851f20ddbe6f3752763527d7505cd9a99 0bbacc19aa3c6e0cfcfa60035aaab801a474c36ba2212bf393c441b17390768b HTTP Headers GET /?rb=4fjEBZg-ysdbGax9U0SieUxMg_-X2A3rJEgymAlN7MzeK0RQkwqxFNgqnVf2rqRncOARN_4oAgIMSdvH0qPnRBLaa02qgYCEVBsjwkyGPQ2ysdm6dEzDINKJ-VRUjJqPh_R_FSVJICkQLmTfWC9zlItbqTXDS21I4_eBOTOdiALyufryfLjjnL-TMk4%3D&request_ab2=0&zoneid=5772822&js_build=iclick-v1.555.1&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=3&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.555.1&bs=a2f7c68a-4cfa-4cf5-ae54-4cae85b047de&userId=b0458c73f97449b1b86cd4254c69ce10&m=link HTTP/1.1 Host: ardslediana.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ww2.dramacool9.ac/ Origin: https://ww2.dramacool9.ac DNT: 1 Connection: keep-alive Cookie: OAID=33f60526a8504100be90f6731cdf847c; oaidts=1686287611 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/json x-trace-id: ff51d3d45b425c34e4f3a8d815d78de8 access-control-allow-origin: https://ww2.dramacool9.ac access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT set-cookie: OAID=b0458c73f97449b1b86cd4254c69ce10; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None oaidts=1686287611; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 16 Jun 2023 05:13:31 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-includes/css/dist/block-library/style.min.css?ver=6.1.2	188.114.97.1	200 OK	95 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-includes/css/dist/block-library/style.min.css?ver=6.1.2 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type Size 95 kB (94889 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.2 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Fri, 11 Nov 2022 14:56:45 GMT vary: Accept-Encoding etag: W/"636e62ad-172a9" expires: Wed, 14 Jun 2023 01:27:58 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HActNClzxd40q189aXe%2FyXr0%2BEzBYQ9ww2U%2FjBT2WyXj3aAbjX%2BFAM6ROi8v9gSwoGWMo6kkW89MXOSG1tmCTrCuW1VEyIg%2FgEM13p3hMIMwE0Y0fP%2BbAGtRjzd9yP5NURubZg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd4b62b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133	0.0.0.0		0 B
URL GET platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133 IP 0.0.0.0:0 ASN #0 Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ads.php?domainid=2175&sizeid=2&zoneid=3133 HTTP/1.1 Host: platform.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/plain; charset=utf-8 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF%2FtPx89kpgdyW%2FNsaRhTNJhjBzA49h%2FlcI35DybH71MgFVV24wKBzsfH8P8YzMKn%2BK4IsVDe%2BYDPAPcmDUBPrXE6zstv1ly07PsZ%2FXsgws6ny2F%2Bwmd8ukbWnPwV6CMlhZv0sGs"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bdecd7b4f1-OSL content-encoding: br X-Firefox-Spdy: h2

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833	172.67.74.36	200 OK	824 B
URL GET HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833 IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document, ASCII text, with very long lines (868), with no line terminators Size 824 B (824 bytes) Hash 6071547c71f37ad34b12f1b6c86525d8 1f9a0b81bfe3ec0bd6a8174703e3bc8de9877f15 5b4bf631baee61fd54489dd7d91bf7cdbe7a0c8dc554a92424c35aef8b705454 HTTP Headers `GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1 Host: platform.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGQc4oJMR9Ukpd%2Bq%2B%2F45T8qIUl3V2ewFdfl72pUe6ZHRoQm1a1vyw8D7OLEXWSqC%2BV9XCDgYF%2FMLGpAH5ILJ3Cy2wf8TDvPRUa0csvVD9FKiHYcQmggxxiw5xpt3KOyD74I7UgQp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bdecd4b4f1-OSL content-encoding: br X-Firefox-Spdy: h2

	ardslediana.com/5/5772822	139.45.197.236	200 OK	69 kB
URL GET HTTP/2 ardslediana.com/5/5772822 IP 139.45.197.236:443 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectardslediana.com Fingerprint9B:23:8F:F3:25:9D:CF:D5:05:23:67:19:60:C9:0D:08:8C:3E:DF:BE ValidityThu, 30 Mar 2023 05:14:36 GMT - Wed, 28 Jun 2023 05:14:35 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 69 kB (68957 bytes) Hash 5690be3d745d007f9806f65ad12805dd 55a7fc1083fc0b53e6ccf8d4349d939b8ce040e0 cc728f974d08eaf0824d8f1b18cbe0ef536e9cc5625ff77ec94b6ff06e8653ab HTTP Headers `GET /5/5772822 HTTP/1.1 Host: ardslediana.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/javascript x-trace-id: ce8e90a23ced824d34c98efa2c3cc499 link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=b0458c73f97449b1b86cd4254c69ce10; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None oaidts=1686287611; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3	188.114.97.1	200 OK	4.0 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text, with very long lines (4319), with no line terminators Size 4.0 kB (4011 bytes) Hash 1646956a8ee4f574c5dd2e7bd74e41ff 1bf3f837134a250b01f4a072a05d73af38047ee2 e0ebd64c7a0f7a41c6134bb3f65a0cfc6ee521ab0b8d57fb3a115a159ae0b94e HTTP Headers `GET /wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/css last-modified: Tue, 24 Jan 2023 04:12:31 GMT vary: Accept-Encoding etag: W/"63cf5aaf-fab" expires: Wed, 14 Jun 2023 01:27:59 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186331 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shyM%2FSuwdQIXsJdFB0f4ZCD3gsjeYBN9ex16K1kz6ny1p1lvTvcRxZxiYr5E98oIhkCuUFar0kIiVifMRtx9NoTLpSz3lVekzkxpCqp3mN%2B0xSF82aQL3jwgaZ%2BMP7BYoVGMeQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd4b6bb4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ardslediana.com/5/5772822	139.45.197.236	200 OK	69 kB
URL GET HTTP/2 ardslediana.com/5/5772822 IP 139.45.197.236:443 ASN #9002 RETN Limited Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerLet's Encrypt Subjectardslediana.com Fingerprint9B:23:8F:F3:25:9D:CF:D5:05:23:67:19:60:C9:0D:08:8C:3E:DF:BE ValidityThu, 30 Mar 2023 05:14:36 GMT - Wed, 28 Jun 2023 05:14:35 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 69 kB (68956 bytes) Hash 6b295f4d5a9d6e7633edf007fbd7307a f797d31d9567f5637cdb0f6ea551a971daba2435 ab6f29479d2cb76d4f1ca7cdf9a67799f8f3e52c4ea11e1179fc229c2caff7bb HTTP Headers `GET /5/5772822 HTTP/1.1 Host: ardslediana.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/javascript x-trace-id: 8131d7b998e4f9c200df4b9c76006ba7 link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-max-age: 86400 timing-allow-origin: * set-cookie: OAID=33f60526a8504100be90f6731cdf847c; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None oaidts=1686287611; expires=Sat, 08 Jun 2024 05:13:31 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT pragma: no-cache, no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT content-encoding: gzip X-Firefox-Spdy: h2

	platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833	172.67.74.36	200 OK	824 B
URL GET HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833 IP 172.67.74.36:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document, ASCII text, with very long lines (868), with no line terminators Size 824 B (824 bytes) Hash 8f07f67701dad949b7d4fd5752983c4a 413d4ed242b3f69318a075503751640a08c94cbd 0782ee9eb7888d985eacc0ec6244a6e785f8f0f704e9f8f5e6eac3699b18f778 HTTP Headers `GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1 Host: platform.bidgear.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/javascript cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXOFsr%2Fy5nPhy0iSOeE05Ckpgd6aUdJYB%2BT00nHGQP32Q6zgYdHZRI%2FwhkDCPfEr4oMhU%2B244yHQQEnZujH%2FVh%2FVynQvGJFqGyw2lr7wI4kdNKVShiPhBP7ZcpvUd7k8aMXvUG2k"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c02ec3b4f1-OSL content-encoding: br X-Firefox-Spdy: h2

	ad.a-ads.com/2215155?size=300x250	78.46.33.196	200 OK	12 kB
URL GET HTTP/2 ad.a-ads.com/2215155?size=300x250 IP 78.46.33.196:443 ASN #24940 Hetzner Online GmbH Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerSectigo Limited Subject.a-ads.com Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122) Size 12 kB (12396 bytes) Hash 185b87bad12479e3ffa78433a52d1320 bd7e9ad0feda23d08431d7b9b3f15abdc3f262fc ebe2ab2980676abd9fa6a009fce885f13bfc79c03e6144e87f5d38d8b65193f1 HTTP Headers GET /2215155?size=300x250 HTTP/1.1 Host: ad.a-ads.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 09 Jun 2023 05:13:31 GMT content-type: text/html;charset=utf-8 vary: Accept-Encoding, Accept-Encoding status: 200 OK x-xss-protection: 1; mode=block x-content-type-options: nosniff x-powered-by: Phusion Passenger(R) x-original-referer: https://ww2.dramacool9.ac/ x-robots-tag: noindex, nofollow, nosnippet, noarchive content-encoding: gzip X-Firefox-Spdy: h2`

	ww2.dramacool9.ac/operation-red-sea/	188.114.97.1	200 OK	37 kB
URL User Request GET HTTP/2 ww2.dramacool9.ac/operation-red-sea/ IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type Size 37 kB (36842 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /operation-red-sea/ HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-pingback: https://ww2.dramacool9.ac/xmlrpc.php link: <https://ww2.dramacool9.ac/wp-json/>; rel="https://api.w.org/", <https://ww2.dramacool9.ac/wp-json/wp/v2/posts/62337>; rel="alternate"; type="application/json", <https://ww2.dramacool9.ac/?p=62337>; rel=shortlink strict-transport-security: max-age=15768000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKoB%2FES6qF5U4gw65AgAWohx5wpzM2aAnoyCIADePVViIBEg9rk57dzAFNgJVPmBOXzevWIUgW7jHeO7Qd8Rl9w7utGnHx%2FNCs%2F%2Bfo%2BhLOtl4lyz72MwI6w7MLIi%2B%2Bg%2FSxtHlw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2ba6c49b4f4-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.pubfuture-ad.com/v2/config/642ff67f7b6e39003d2ab51f?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=d3cyLmRyYW1hY29vbDkuYWMvb3BlcmF0aW9uLXJlZC1zZWEv	172.67.70.21	200 OK	328 B
URL GET HTTP/2 cdn.pubfuture-ad.com/v2/config/642ff67f7b6e39003d2ab51f?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=d3cyLmRyYW1hY29vbDkuYWMvb3BlcmF0aW9uLXJlZC1zZWEv IP 172.67.70.21:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (360), with no line terminators Size 328 B (328 bytes) Hash f475d6f8f716d31f52820241b2ccb1f9 048a34f640fe2cfa6f428a4a1d948bcf0059475a 188854af4898dfef9fccb9fb2acce7100302c2b4a4bc5d1e87daf15c2090fe10 HTTP Headers GET /v2/config/642ff67f7b6e39003d2ab51f?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&c=&cc=Tk8=&s=d3cyLmRyYW1hY29vbDkuYWMvb3BlcmF0aW9uLXJlZC1zZWEv HTTP/1.1 Host: cdn.pubfuture-ad.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ww2.dramacool9.ac/ Origin: https://ww2.dramacool9.ac DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 09 Jun 2023 05:13:31 GMT content-type: application/json; charset=utf-8 content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 access-control-allow-origin: * etag: W/"148-fOxs4lx8qP4cMAHhv6hFpq1aRIs" vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FIigso%2Bprjnfw8xuOsNqW8mIfhk51DNnqu1%2FYM30YEuH%2BOabrIUscK87zfnu7lGWwAmCkieBpSodN56EQLBEHYW16AXzfUiM%2FJL9u6t%2BRc1Yj6HUGjlT4Zua9YKHlG3BgfStEne"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2c45cd1b500-OSL content-encoding: br X-Firefox-Spdy: h2

	ww2.dramacool9.ac/wp-includes/js/comment-reply.min.js?ver=6.1.2	188.114.97.1	200 OK	3.0 kB
URL GET HTTP/3 ww2.dramacool9.ac/wp-includes/js/comment-reply.min.js?ver=6.1.2 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://ww2.dramacool9.ac/operation-red-sea/ Certificate IssuerGoogle Trust Services LLC Subjectdramacool9.ac FingerprintDB:5B:4C:59:2C:77:2F:91:40:E2:69:46:77:A4:68:C4:E4:E1:29:62 ValidityMon, 01 May 2023 02:10:07 GMT - Sun, 30 Jul 2023 02:10:06 GMT File type ASCII text, with very long lines (3056), with no line terminators Size 3.0 kB (2981 bytes) Hash dc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c HTTP Headers `GET /wp-includes/js/comment-reply.min.js?ver=6.1.2 HTTP/1.1 Host: ww2.dramacool9.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ww2.dramacool9.ac/operation-red-sea/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 Jun 2023 05:13:30 GMT content-type: application/javascript last-modified: Fri, 08 Apr 2022 20:07:18 GMT vary: Accept-Encoding etag: W/"625095f6-ba5" expires: Wed, 14 Jun 2023 01:27:31 GMT cache-control: max-age=604800 strict-transport-security: max-age=15768000 cf-cache-status: HIT age: 186359 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5XtbwkE0hPDUG71DQmHHdO1c0goc8UwyuyXyRO9sdTsY%2BBg%2B91vr3SON1AcD6qK4%2BgG619%2BHfGpx9dxeid%2BeSSyBx466IoN9KPaPCX5qb0CY0XB%2BgdeObrf2%2FeYao%2Beh9w%2Fdg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d46e2bd7bc5b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML