dramago.pilotproxy.com Open in urlscan Pro
2606:4700:3037::6815:4697 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dramago.pilotproxy.com/
Submission: On April 15 via api (April 15th 2024, 11:57:02 am UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 164 HTTP transactions. The main IP is 2606:4700:3037::6815:4697, located in United States and belongs to CLOUDFLARENET, US. The main domain is dramago.pilotproxy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2023. Valid for: a year.

This is the only time dramago.pilotproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	2606:4700:303... 2606:4700:3037::6815:4697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.240.108.68 172.240.108.68	7979 (SERVERS-COM) (SERVERS-COM)
10	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5 25	178.162.215.162 178.162.215.162	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
9 30	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
164	12

61 2606:4700:3037::6815:4697 (United States)

ASN13335 (CLOUDFLARENET, US)

dramago.pilotproxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

metrica-yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.hellohi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

theusualsuspectz.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.240.108.68 (United States)

ASN7979 (SERVERS-COM, US)

heartilyscales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

demiseskill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 178.162.215.162 (Germany) 5 redirects

ASN28753 (LEASEWEB-DE-FRA-10, DE)

vmuid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origunix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pupspu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:6b8::1:119 (Moscow, Russian Federation) 9 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	pilotproxy.com dramago.pilotproxy.com	502 KB
23	yandex.com 8 redirects mc.yandex.com — Cisco Umbrella Rank: 9597	18 KB
15	hellohi.me matomo.hellohi.me	22 KB
10	pupspu.com pupspu.com — Cisco Umbrella Rank: 34141	288 KB
10	vmuid.com vmuid.com — Cisco Umbrella Rank: 861741	54 KB
10	demiseskill.com demiseskill.com — Cisco Umbrella Rank: 857837
7	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4409	74 KB
5	gstatic.com fonts.gstatic.com	16 KB
5	origunix.com 5 redirects origunix.com — Cisco Umbrella Rank: 835724	2 KB
5	heartilyscales.com heartilyscales.com
5	theusualsuspectz.biz theusualsuspectz.biz	17 KB
5	ibb.co i.ibb.co — Cisco Umbrella Rank: 11531	6 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1017 B
5	metrica-yandex.com metrica-yandex.com	19 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7972	17 KB
0	sidebyz.com Failed ecma.sidebyz.com Failed
164	16

	Domain	Requested by
61	dramago.pilotproxy.com	dramago.pilotproxy.com
23	mc.yandex.com	8 redirects dramago.pilotproxy.com mc.yandex.ru
15	matomo.hellohi.me	dramago.pilotproxy.com matomo.hellohi.me
10	pupspu.com	dramago.pilotproxy.com origunix.com
10	vmuid.com	dramago.pilotproxy.com vmuid.com
10	demiseskill.com	dramago.pilotproxy.com
7	mc.yandex.ru	1 redirects dramago.pilotproxy.com
5	fonts.gstatic.com	fonts.googleapis.com
5	origunix.com	5 redirects
5	heartilyscales.com	dramago.pilotproxy.com
5	theusualsuspectz.biz	dramago.pilotproxy.com
5	i.ibb.co	dramago.pilotproxy.com
5	fonts.googleapis.com	dramago.pilotproxy.com
5	metrica-yandex.com	dramago.pilotproxy.com
1	i.imgur.com	dramago.pilotproxy.com
0	ecma.sidebyz.com Failed	theusualsuspectz.biz
164	16

This site contains no links.

Subject Issuer	Validity	Valid
pilotproxy.com Cloudflare Inc ECC CA-3	`2023-12-27` - `2024-12-26`	a year	crt.sh
metrica-yandex.com GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
theusualsuspectz.biz GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
heartilyscales.com R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
demiseskill.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
vmuid.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
hellohi.me GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
pupspu.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://dramago.pilotproxy.com/
Frame ID: A29B4AB360E507DBEAFD3A17E85C6238
Requests: 55 HTTP requests in this frame

Frame: https://dramago.pilotproxy.com/ads/header_1.html
Frame ID: 2B8D9F12CE00B5FD2FDB95EACA0EE8D0
Requests: 27 HTTP requests in this frame

Frame: https://dramago.pilotproxy.com/ads/eps_block_1.html
Frame ID: 80C6FDE01BC6DA34C804C80D267271C7
Requests: 28 HTTP requests in this frame

Frame: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Frame ID: BA4F1857647B2E93E2FAA378385A7F7D
Requests: 27 HTTP requests in this frame

Frame: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Frame ID: 63592E7C6A663E785E239A0FF23E17EA
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Korean Drama | Korean Movies | Popular Drama | Watch Drama Online - DramaGo.com

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

164
Requests

89 %
HTTPS

55 %
IPv6

16
Domains

16
Subdomains

12
IPs

4
Countries

1021 kB
Transfer

3516 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

Request Chain 62

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

Request Chain 84

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

Request Chain 106

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

Request Chain 113

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10340.p6QU2f_OXWRsyOtZNdz8uLf7lKtvtxhpPXUAcK7sJMc_TY3S7ij25DeXDsZQ9XKO._NilRsKNA1iVqixzC3v7HRJxizw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10340.weED0J2tqfGXgoP9lr0hQfNgKrjtPfIccSrL_9ogG9yDrC24tHTYy-Nz9tzch9DsXpEsxhzFjIgF4jgekZBzXtjhoFjPHk0gOQUpIM9w7gA4daLAtjiTJc4olCJUpVrJu16eZ12t38352n_ndxgyDoc7KUvSJoo8sH3jjSTr5mlDpnUazY0OY9kjdE8wG_SqBFt-crTL0XTcplli-iPoafvCm0bq7ANxg_IBU40pj4Q%2C.DRsQEKHXkC0pj4yTQxRREXj0Ixs%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10340.mo7kU7ZZsOPxlliv-RlDcIout-wgexQA7dCavByui7XINGGh6Yy6RmPlBRxx2XRgoyrLyHBbg-wqKaMyRsKMbI1j8oeAIqkxzP0abPlSrzyd-Dj1Ecg7wrUdOlyx_BGh2Q6Km38byAgj5HJ5hthfaYLuS7D-Az7TxHnhs4GTPYpDWJS6u_xjK_Xb3wimdhz6IQ1SXM4cMF3ArGD8GvKoQA%2C%2C.Bbyrlbp4Q_HBflTgPfK7sThTLy4%2C

Request Chain 114

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A490853693%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A490853693%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 115

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A320902692%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A320902692%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 117

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A293292221%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A293292221%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 118

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A417276647%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A417276647%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 119

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A932901675%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A932901675%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 120

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A817985891%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A817985891%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Request Chain 137

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

164 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
dramago.pilotproxy.com/ 46 KB
7 KB 235ms
196ms Document
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b78035f2b14cfd6874f12c9ea2de0d9d7b2887cc2987e7e0baedcbbeddde7b3f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874bc15bf9553807-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 15 Apr 2024 11:56:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehfnPXpmmpQ6JckGUrnPMLK8AQFNm1UJJq0ykGQurD1v5ka%2FVlLoA23Tvqtg3mr55glwpIFAoC9Z4z5JMbZ0L0E4xdWrA7ittll2uUWPgLna8gs4QkkBB%2BLoSLJcisw07HJBxxOQaCnnPPvpvLth6YS0QzA%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 tag.js Show response
metrica-yandex.com/metrika/ 59 KB
19 KB 92ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrica-yandex.com/metrika/tag.js?1001
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2051131
etag: W/"61564186-eb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzKODiRtKJLcqHOBKb7A8lkC4emJjoGTtkiK8z23XnhPWatK6WrLMiiTnHG5bQRliz1JOp6NYX9Ll9Z3JiEezWvs7wgAFKmtvAUkrPqNmzHdrwvy%2FLWaSyKKKXECUwdhJ7pCAI1jmh9rWF2MVy4WKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15d997671b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 reset.css
dramago.pilotproxy.com/styles/ 858 B
1021 B 143ms
142ms Stylesheet
text/css 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/styles/reset.css
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3a5f9cc57ff0c9fa0b45e2bfea8b85d92b41543def7dc96084d3661d6f0033

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYpD%2BMM7S%2BFfHivRwDO8rg6hUgYIwSBjYsb8n%2Fel1E1VjzRfGalHFSrarShptFDcX8wTEgszfiEyKdHP6wTuDN7rkAihsJ2nGLvJn9%2FZVsxQbHnOmuBrDO%2BhdHrqB%2FL99dSsI7T39HnTep7yKCj6nB8LRrOQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15d3ad03807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 main.css
dramago.pilotproxy.com/styles/front/ 28 KB
6 KB 131ms
130ms Stylesheet
text/css 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/styles/front/main.css
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31261d20d04c64b9bd5a51834124105e4c52fb1327db4f349858d98e2103755

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVehFjDm16yw1bWMdYopXP7MRjVrHTt4IJYvOUInfmyaptUqpQrLy%2BFHEKRlN8Kravy77pfe7A8DjpJ0kr1yl3S7Jp2o5Qu7%2B1%2B4YMdRXxq0PblyJI88%2BWcYlmJ5JeiYWjkYvAgpXiI3A9HazbwvhYV2sQh7"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15d3ad23807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1017 B 82ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:56:57 GMT

GET
H2 200 alert-xxl.png
i.ibb.co/pyC2VvJ/ 5 KB
6 KB 89ms
29ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.png
dramago.pilotproxy.com/images/site/front/ 6 KB
7 KB 145ms
145ms Image
image/png 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/logo.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c270a222d4ea5060f459455fa1ed841f5d2914088ab70376dca4818fb077c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:57 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=999zRE8wBYv6KTFEe6X%2B8t0rPmrqH7mdMsyAedEunBH2Y5vKHXN14d%2BohZHV8BDqqo6JEUOVxmc8Vdi%2BJ0CNKnXykeMt4lzKMLYT4UG%2BRORr3DLWZLNoO1xulRG9CakiY%2BRRyhiXvlyCGHsFIrxeitiX8JHa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15d3ad33807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Wx3cOET.png
i.imgur.com/ 16 KB
17 KB 85ms
26ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Wx3cOET.png

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1a5287507000969e7faf619fe980370feaa72c4095a96d95b92a45c2e77e64fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 823685
x-amz-cf-pop: MIA3-P1
x-cache: Miss from cloudfront, HIT, HIT
content-length: 16632
x-served-by: cache-iad-kjyo7100108-IAD, cache-fra-etou8220078-FRA
last-modified: Tue, 31 Mar 2015 07:30:51 GMT
server: cat factory 1.0
x-timer: S1713182218.863248,VS0,VE1
etag: "645bb022553e7dc56b7956f301dac112"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JR3Z5yVh6DiKXm0lHCUvDWwZDnNC_VMEJYow3u34EyRm83GlEt3QYw==
x-cache-hits: 2, 0

GET
H3 200 55.jpg
dramago.pilotproxy.com/images/series/small/ 27 KB
27 KB 105ms
105ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/55.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226f8eb683f887e8399cf714272101347c4ee6687580bac233ee47c3138c13ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:57 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRsrMU8QKrxsQPmege4EaucDYxx9SEsXvHQrH1m8hZd5Oct6ECUotfjJawc3S9bnL4h3VoLra%2B2q23%2BXjFtPdJ6vBZVpM3phxAV6fO0DbEyIZsEGyczS0Z9H18VYJJLi9cABadxd%2F%2FZ2u%2Bn4EPdlcEJ3gOEF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dcb6f3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3235.jpg
dramago.pilotproxy.com/images/series/small/ 22 KB
23 KB 231ms
230ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/3235.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ace53155e9e3393b23a06b0f109fe00b0a0e7a7da4241346d20738df326eac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naeC6SuX6JcHrADG8OiDaXEjEGkjGoeS9LWdWuV1CAqE%2Bklc3uvuJ0z83PxKFB6rD%2BUWkabaqshLu6sXQl6y%2FLTtgRIyI%2FdX21D%2FvpmAFVaNeDSFn%2B6pWJpM2Cx6JDR38L5kk%2FGkUr5ZN41KQkq%2BPv9uQqFU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfba13807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3337.jpg
dramago.pilotproxy.com/images/series/small/ 22 KB
23 KB 118ms
116ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/3337.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e2372c618a75bbeb38749ca44f1c123b46a53207825626276a2fe65b5196f48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQ8KhuxT8rG%2Fl1Z7kP9DhQhjtg%2FbluEts8tgLISLKQ1jIDGCOaYX75PAqvTd5s93jdit2lmdigMIa%2BWljajwweyprVwpH0B7iHNq6FKMnSijSam4idMDBmGVHQsEysu9Sn1l35j5%2BndN6PcbzZy178Ex3v8p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfba23807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 2856.jpg
dramago.pilotproxy.com/images/series/small/ 22 KB
23 KB 757ms
755ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/2856.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caca7fd4f75d35a1ad0aa48123255ff6bad837d18d248222eab972c2c49cd1dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KF%2B%2BVFFZhoOqvSqzBtnEUCQcPiGSMskU4SQ6wl5J5YzKIfHzZjYDJUL0shwF2s86B215HB3WH40HiwWGCmce7v9NL%2Ft8lsVbsh7e20dPEGYOMjroh8bJKvh3bPojtaSWNfk8YgMXuR%2F1wxGlbFzCXn%2Fvz3o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbaa3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 kr.png
dramago.pilotproxy.com/images/site/front/ 3 KB
4 KB 415ms
413ms Image
image/png 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/kr.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75959684dcee6ba752435f7bb6499618130e6dc586289587ea0f248a31013ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHAclm%2FExQmsfb3%2FtBT9%2Brlkb2KtjzyR6Qj7s7nHy%2BurFHwaDbT%2FKr4InkD2m04EH%2B%2FLDZXQN%2BE6T4DvSInSkfeLoxFAtSe6A7k6tHJcS8oZ9NA60NoafUJmm7datuiezbjBioMuUOMUQrS5f8PgaWG4W2aK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbac3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 new_tag.png
dramago.pilotproxy.com/images/site/front/ 3 KB
3 KB 773ms
771ms Image
image/png 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/new_tag.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cba98d6ccdb9a6762990630a8473861b2c46c7e49f1b89e5e9e18a3bceffff3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOJ7%2Bxr3nIZSS1VxDat5iIZIegiVCf9y1m5sN7ITux1craukOkKsfJLVm0p8Xp69WXJG3usRNroHWSRJcyN6bNlgYj5SK8bzn9Q%2FyNnbjzhRb07DaZRZEuJHvG%2F2SHfGskIhXAHslCCXffDVeeBLUEwW%2BZBC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbad3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jp.png
dramago.pilotproxy.com/images/site/front/ 3 KB
4 KB 240ms
238ms Image
image/png 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/jp.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87acadcfb1e24f6c7907e0537654259c54033e9d5e577e382f5961576a0611d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmI6C0lkxLzGFHX2eeYIURUL6GZV0jAnQWckyg7AZBa7GuXi%2Fj1CPthhuACaBi0JeJXImTD5gr12fWd0tLjxhob%2Ff6i3hAQqXP%2BxhTveGZKDVhoNs67rTBBuESD0N%2FXsqCvBIvDK6CJ%2FFA7ZKBFbpHIUHpBO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbae3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3419.jpg
dramago.pilotproxy.com/images/series/small/ 29 KB
30 KB 127ms
125ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/3419.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 189c3219f73d0b18f5f3ccf27eae3118142618596ef0987acd290837c6e83472

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eFnz9vBsLVG8Ui2TK%2Bq49sztXgB0PC0Wp7rxJYwx5oNGu6AkOjMVRiLLUpPBUK5CJlY6%2BfUAaezkQ6fWHeZP0XTDaYPTuoM%2F%2BgyReHXhXsmyftliwb7NZa2liScRXzUHNZ4AVsuKS6tNPPReLJus1rlvELI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbaf3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3799.jpg
dramago.pilotproxy.com/images/series/small/ 19 KB
19 KB 246ms
244ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/3799.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa0d9201b513578164a2155c3f60f325f72aa52e647fa56fa4f94d96b3b30f0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtVV5T0dpFhl9OXziuFVPBHdF30wG56fZr8DHbMpnahu%2FT4QaeRQMOBXXMA8ZSimuDGlVaiChkZLN9HUadhVGBrEO2BJHbAvmSQ9c8uJcYjTB%2FBFtUus10lR6UvN5onECMMCR9WgipGeeVeIJtuEHgVp32P%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb03807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3493.jpg
dramago.pilotproxy.com/images/series/small/ 22 KB
22 KB 139ms
137ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/3493.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001096083bc96396831a031b3cbd4859df5aea200bd1a07769fa1423e9dd6f3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6jU1DXKoD3Eu7O1phlz%2FXvXG4knz%2B58zPWFsSrmXXA5b3oNzJeMkfhY8Mu4%2Bsh4OTEzLCzklaWq2BdZjf%2FcrLp0EMhL%2Fx2fXxwWiZqs2%2F6n7xTrkI7qSExTuHe%2FbhJaTVXRdDScCmT5pQVDOslvg%2FjgHQK5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb13807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7868.jpg
dramago.pilotproxy.com/images/series/small/ 24 KB
24 KB 640ms
638ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7868.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374abd65d5b3f5b923a83b547dba6e82dcf8b23ebdc3c5d27b0c1e515ec4d528

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTNfqbbdzuGuZKTNy1ACaFKeNFZX0ObXujVXPoQKpBN6zYTC7u%2BsHfyus4%2FioXSrIdn4VROtnDAKRARotfPbD9gNsR3rtt0zp892WR02pno32JHknlWm7AWI5EmJ%2Bd%2Fmm5iPcCwYpgeOCvBcb3LMjHnC%2Bmqn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb23807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 series_small_default.jpg
dramago.pilotproxy.com/images/site/front/ 4 KB
5 KB 120ms
119ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/series_small_default.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79a67ca98f24be20d74738bf31f2d1132840637f7f510e966d05b75a99ebece

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmegGqJXGAm6OkCmf%2BEqgE9Et%2FNa1t%2BqUeGynEjY2%2BG4r%2Fs3q73ZFKhHRI7renCmst1SUrqsqLfyYDQKlTBFxm%2BlDVWwZk6KBfHs9K8h1vPsQTgF5lCkVMMG831ocU6Fu%2BrSD2TrvV9S%2F627UrNxLMcZPwGS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb43807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7816.jpg
dramago.pilotproxy.com/images/series/small/ 28 KB
29 KB 655ms
653ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7816.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee94a69cc088936558fb23efd85a3a729518568319dc2c788a405a4744c6fca3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSMqBFOKj3RTHh7vzRSyNR54NlffTNM1bAiTIy4YFvAZfO7hNtyeCEx9sQWL5LUcXXPbMKsfRZyV5jZImvCnlVAc99jsLm3Cx98BqrNYY7zcIA5wlKSrfM4D3rDYBYayIGP%2F3hU8HD0NXLIaAq1Gf6eERdqV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb73807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7842.jpg
dramago.pilotproxy.com/images/series/small/ 22 KB
22 KB 445ms
443ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7842.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27d4e5bb71037fe5d3ea3db4997eb1a94f8f4228ce667b9c7018e5ca4bacd27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zb5Smseo%2FBVpQ6JQ8AZJW3mAZTrCvF%2BFO%2Bm0JJL%2BsoYhe4R%2FOhrX3tnW%2BBl0Y%2BBMMb3hBJUlAPvJEbZHBErXi8fGUvkDf1rqXrcwYKBaa40ORmVohLpn8B89zU1tWe0sqjWljccki4Ww1Q2VIowaSc60H1Jw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbb93807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7023.jpg
dramago.pilotproxy.com/images/series/small/ 25 KB
26 KB 696ms
694ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7023.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f161c3671a7321469787b2bd63b869c5b51cbfd3a5ab15c1cfe298b774f81016

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPrtofOQoGmrKY4%2BO12xH2kUM5SCf6zzJVLO7oi%2FMeClmOd52GJ38TCdf1mI0Efbi5GKTleajomTvsJWUGQpxueWjoIToogakb27COOMEMpeZx57QkLdAOuvjxqakA4yOPc0pzGwWVP3evcgO1jJQUcK30TM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbbb3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7253.jpg
dramago.pilotproxy.com/images/series/small/ 18 KB
18 KB 397ms
395ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7253.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c718f4e0a1bfa42263e50c127cb4854449a6e3c27b1839085e4e5ffa146be70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTtR%2F5O6KREYgrns9EwTGHdRNalNKnmyaww41Vgni9kuXjx0KirBb5aqwqkmXM4VIq7mR0lpMKvSb%2BZnWjvxhc16hDCXwWI%2FlW0AqS%2BDUTV2fl2WWOcOvlZEC0PuM5lNE1jXay4U5UpdrtsM8swgHvZVT6RU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbbd3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7840.jpg
dramago.pilotproxy.com/images/series/small/ 19 KB
19 KB 240ms
238ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7840.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1423d1ffc6c23f65d0d37fbb4b3bf365c9f0b77919895342f3b2bc04b31c12c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGF9FirsuH6T5EWFfmcPbz0NlbgixaioYbbYYpG%2BIBh%2FB6rJIFF01qX2A0nfkCN8Wu0RPmeqJd1o2Y7RE55SycDrXij24qipeYR3izMnw5%2BZLfjx6qS7LljPDjbWJyyBU4%2BXnAviYCoA91D6Xc4d5hjekEIy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbbe3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7838.jpg
dramago.pilotproxy.com/images/series/small/ 20 KB
21 KB 738ms
736ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7838.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b37363969f2018529313207e21f4202f349a62a6d474a22d83d770b88bef2d3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEqqzWDc%2BjU2glfS5PImxDt8u8OTXezF1auEn0toArcNxpyXzikqcFbNi0yda85NJve2Kq58LO2e3K7elF1zhpe49yDM0abEEMLwOWN6ISyGpT61hzcJPkPNK9haCwEpjrzVjL%2FhDoLMXT%2FBPi2JaqRwx9r3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbbf3807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7822.jpg
dramago.pilotproxy.com/images/series/small/ 12 KB
12 KB 259ms
257ms Image
image/jpeg 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/series/small/7822.jpg
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0c0fcb49f34754511e1779a55e7b6d7a9b54d438140b36968f72008c597503

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jK1bhNLgu2o4LwZg%2BRhUti2MEwiPJs0fvTi2Y9sPHeAeplph81u8%2Fn2%2BYpvQPTcRhZbCtWeu63HQ6YP%2Bbmw%2BuQ5FbTicCbtIlqL1PpLuvp5%2FxUmggl6b9xcg4x4a9r%2Fg5CYBRlhqJSlDDGgRYUrlpPi53LU3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15dfbc13807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 apx19.js Show response
dramago.pilotproxy.com/app/ 9 KB
3 KB 81ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx19.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f610c23-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX%2BpuPS4SfGzhkmP2F69d88upDEyR%2FhWfT%2FRhBiFWEJYaylbRfxYT6V8KW9ATh%2F5kcrtB5ZRWY9RCglMLdrZJHKW2D%2FJo0hC10j%2FgmdGrQG070DSZ2nGkYbuIx%2Bdlw%2FRXypGORZMkejxdho1vJ4HoZW7rgsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba33807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hy.js Show response
dramago.pilotproxy.com/ 55 KB
18 KB 104ms
101ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/hy.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31b-db43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9liNEMWzOQjNUdHpxpsaQZ%2FGF9XRkjn5nKKZB3FYCEZwB2%2Bxa4sneieu68e7lyXv90JTutEaw7SE6mRrgJ%2ByI6546Q9VBNaApINCf4Ih40lt%2FzmOx4FpinJUO%2FqpgkPqB32RN9XFkYK5tr81syblWnnMDYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba53807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zpp4.js Show response
dramago.pilotproxy.com/zpp/ 38 KB
15 KB 102ms
99ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/zpp/zpp4.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31e-9853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrddvSBGBPk8OKFqaInuEad0pmqOhwaUC1EsdyJ9l%2BCgrCKaBTCYtdp1%2BMmpmDmAD0QqqzAT2dAtHV67SXsB%2BmdeF8%2Bzsl5HgJ6iHvk%2F9PoVOzYS1QtH%2FYuiDC160mufpRbyBe6tMqZGFw%2BXJsLtoQIRdeAM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba73807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apx14.js Show response
dramago.pilotproxy.com/app/ 7 KB
3 KB 121ms
118ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx14.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074b-1def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjscUX4%2F5OYmDHWGJUjzf51Zz9JtiEtx4AHyqa%2F%2BVxm3%2BdaSSOw8AbMwxxOeLVynOWahWr4GScyymloOEPzFc1%2BzlTYjCJwGrKdGGS01oe6%2FLykCSquT6fH4Gz1CKy3AifU547sDihv2%2BZTIARoVds5guHj8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba83807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 x12.js Show response
dramago.pilotproxy.com/app/ 11 KB
4 KB 120ms
119ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/x12.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074a-2bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUihCFVJapJvMXTwKl%2BnbWNwcyOFnu23geK%2Fpb86HiKA3nqvHMCyCiY4LdL9fjfMt7W7202h%2FZszHIJOLG5xZ%2BG9yX9ecFEh%2BLYjqQkc5gNd4oV3eu2Ts%2FW458DiDBBp4uzyqXvzp2wAE0Ntz5lxzEeIkhnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfbc23807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 qqqq.js Show response
theusualsuspectz.biz/j/m/ 47 KB
17 KB 151ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theusualsuspectz.biz/j/m/qqqq.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000064
etag: W/"603dadf6-bcdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyu48vPJwyV2%2Fq1vvQPOrpNSygTWVsAq0RoIxxjCANJZrhV11uTd2wY26qGlg5ARZHB5Gmd3cXtOtIA9NkxdwcD4Rt5NVb9LKZJebSBGUxS7vwi2lPTh8z8X6xE42REVGqaqhZQYIHro5i3GFhC5DuayqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15e98fb2a7d-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ 0
0 325ms
107ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ 0
0 362ms
118ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ 0
0 345ms
114ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ 10 KB
10 KB 95ms
30ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:57 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

57 KB
57 KB

119ms
54ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58330

Redirect headers

Date: Mon, 15 Apr 2024 11:56:57 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3 200 header_1.html Show response
dramago.pilotproxy.com/ads/ Frame 2B8D 10 KB
3 KB 312ms
310ms Document
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/ads/header_1.html
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdc428cab691a7161217635bdbc1e4afa222c2cdca806bd62d79aadea6c2341

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874bc15dfbbc3807-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 15 Apr 2024 11:56:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1Gi%2Bz1XJOEUKWG9VAlyFn2MOk1kjhAQARjiCtRYEiqoUb51DO%2BulIhPCrECGWRFadtvHcRZJyIYrfnxXiG7zfG8VP3UnJDAYxHx3LrphyJXHTtI1z433BKG7eioORITvqN84K4T73zhcbN4MuLdbzfzixgx"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 eps_block_1.html Show response
dramago.pilotproxy.com/ads/ Frame 80C6 10 KB
3 KB 183ms
182ms Document
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4511e3140fed0adcd2b3f6c33431b2ef2f4830d112dc95e0d1e6c9eaac0da7fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874bc15dfbc43807-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 15 Apr 2024 11:56:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQsGE2UEbGtFzL2h0VAYxzhadCpKHX6XA0ywMlROGmtRqVjKoneGQ5wegBoqOn4QSzS1eLSyPPHrF3LXugt%2FFt03w7fGEdcLARj1%2BB2cpZck666vZ%2F2VsQIL5Oy9TKOxDKJNB0WByVtMw5joJ41pYP1NGjLt"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 home_sidebar_1.html Show response
dramago.pilotproxy.com/ads/ Frame BA4F 10 KB
3 KB 514ms
513ms Document
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a4aba23c4c141b26489e8d9c95acd2e8d4523b91448cacb072dd8d0701db19

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874bc15dfbc63807-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 15 Apr 2024 11:56:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qq18E5FSH51eWFxR9uhbvwMD7u0wcoLm%2FxySmdQFdjxfHR5MUCZ0l0UtFOn2EelzexMLf2dtdhyZEQoh1f8DvE%2F0iBUFmbam7VKMebdGySq%2BQHfnWUasRKo6HvmKUwHueQynteW1uEuof4oBkdWzxuK7p0en"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 home_sidebar_1-2.html Show response
dramago.pilotproxy.com/ads/ Frame 6359 10 KB
3 KB 374ms
374ms Document
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5823c5ea88cd75e604d96948c31d38b1e227bdde70576cb1831301069e71fea4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 874bc15dfbc83807-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 15 Apr 2024 11:56:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTfuZhTirh%2BWnebShXRzmeMlmk7KARG3ibwGAFoVzOJEXSCRCre8GAUS85U3yCWvHgwlPRsEebqKMobms5rx5A5W23xmvmZBpbDaoHWhWV3LUoDHGMXVQX8pIAsnyTj31qiFSjOLyEYmIjblWWR2R7ygpB4h"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
73 KB 312ms
184ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H3 200 background_stripes.gif
dramago.pilotproxy.com/images/site/front/ 60 B
595 B 252ms
252ms Image
image/gif 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/background_stripes.gif
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/styles/front/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c0230864a948d80b61c0123a93767351178639a417dabb72e688bb1c024b3f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/styles/front/main.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aA%2BIfOLaqnKZQNnlFRZEFaeABOTzSqCHEnmQ45gld8RqqCuGPYunOG%2BdPXmJG13J5QSV8mOmVeKwnW6uu9woY%2BkSSrHaN24GVckZTY7NG6xcAt%2FEZldwOhZxMfUHW3GWBcy0%2BVvHQIqQUyGdHCKHWFL%2FSV4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15e2be63807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 2945669509-sprites.png
dramago.pilotproxy.com/images/site/front/ 63 KB
63 KB 412ms
412ms Image
image/png 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramago.pilotproxy.com/images/site/front/2945669509-sprites.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/styles/front/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737d477b4da559bb6d0f1ad3677592ad9681b04d3c093643a5ce8448d6fc24e6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/styles/front/main.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHUVaYMi7Vjwvc08jZW7XIrIJR%2FALeQ9PQ5b2PH99p1Be2%2BKGV0KABQ4YCj6V7POUqQ239nBJS5aMCP8rAi2V%2Fq8tod%2FAdpPAH%2BiRPdhGJrthiOADxLcT9ekky3Lts6I6%2FcqgfO1ytnpjo3LKCirJdygXIQ0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 874bc15e2be93807-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://dramago.pilotproxy.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 201972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

POST
H3 200 user.php Show response
dramago.pilotproxy.com/ 0
423 B 155ms
155ms XHR
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/user.php
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://dramago.pilotproxy.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kv7AT8OU6DMd2IoO2XvsZzg7ZI0jC33GX4NHO1oEAh4iKfsFXKEEDXQc9NJ0ZCqYRFAOhzw7Op1WMr3v%2BsW6vFIw7JBLwQlJP266SwdPEITz8f7H0frazLeTzAbZBNhGIILqQL%2BUSn1ypo4BdxWZ05%2Bb5kAs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 874bc15e3c0d3807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 matomo.js Show response
matomo.hellohi.me/ 64 KB
22 KB 88ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
server: cloudflare
etag: W/"6530b78c-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reykp%2FCE0gA7ibO4rr1J0Dqr%2FGx17o%2FiQzJeLp1ooZtDhxi1i0exu4huGo2I8i2yresJIV8IsQhpmSk3r7dievrt%2FmWU9qWFJmeltQ19c3IDTlp8HCLuRzlmLDxQyiowm2TU2MjaL7FdJ%2F3xso4SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 874bc15e9b453a85-FRA
expires: Mon, 15 Apr 2024 12:26:43 GMT

GET
H3 200 / Show response
dramago.pilotproxy.com/helper-js/ 3 KB
1 KB 85ms
85ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/helper-js/
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/app/apx14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79104384bf691418e5d6a020e11e32c8014f3f53f4f9ad9b262fe8d10178230

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG7cHBsm9yYLnWVzfnCIdYHXXj5utRbLp%2B1%2Bk6tcVdo8w0BHjT0eANnaQYW9qiUIRZk6r%2B9YdqAuDPXTi8cs7Jzs%2FxUNsgf3e%2Ft3VIAoFshhqsc7oAotgpnJqaDHY7l4lkR8TKJ3rTrlo2kyGepuR0B0kq9V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
cf-ray: 874bc15ecc893807-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H3 204 matomo.php
matomo.hellohi.me/ 0
0 129ms
128ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=Korean%20Drama%20%7C%20Korean%20Movies%20%7C%20Popular%20Drama%20%7C%20Watch%20Drama%20Online%20-%20DramaGo.com&idsite=1&rec=1&r=225329&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=6aNTtG&pf_net=40&pf_srv=196&pf_tfr=24&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 tag.js Show response
metrica-yandex.com/metrika/ Frame 80C6 59 KB
0 92ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrica-yandex.com/metrika/tag.js?1001
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2051131
etag: W/"61564186-eb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzKODiRtKJLcqHOBKb7A8lkC4emJjoGTtkiK8z23XnhPWatK6WrLMiiTnHG5bQRliz1JOp6NYX9Ll9Z3JiEezWvs7wgAFKmtvAUkrPqNmzHdrwvy%2FLWaSyKKKXECUwdhJ7pCAI1jmh9rWF2MVy4WKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15d997671b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 80C6 2 KB
0 82ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:56:57 GMT

GET
H2 200 alert-xxl.png
i.ibb.co/pyC2VvJ/ Frame 80C6 5 KB
0 89ms
29ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apx19.js Show response
dramago.pilotproxy.com/app/ Frame 80C6 9 KB
0 81ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx19.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f610c23-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX%2BpuPS4SfGzhkmP2F69d88upDEyR%2FhWfT%2FRhBiFWEJYaylbRfxYT6V8KW9ATh%2F5kcrtB5ZRWY9RCglMLdrZJHKW2D%2FJo0hC10j%2FgmdGrQG070DSZ2nGkYbuIx%2Bdlw%2FRXypGORZMkejxdho1vJ4HoZW7rgsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba33807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hy.js Show response
dramago.pilotproxy.com/ Frame 80C6 55 KB
0 104ms
101ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/hy.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31b-db43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9liNEMWzOQjNUdHpxpsaQZ%2FGF9XRkjn5nKKZB3FYCEZwB2%2Bxa4sneieu68e7lyXv90JTutEaw7SE6mRrgJ%2ByI6546Q9VBNaApINCf4Ih40lt%2FzmOx4FpinJUO%2FqpgkPqB32RN9XFkYK5tr81syblWnnMDYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba53807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zpp4.js Show response
dramago.pilotproxy.com/zpp/ Frame 80C6 38 KB
0 102ms
99ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/zpp/zpp4.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31e-9853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrddvSBGBPk8OKFqaInuEad0pmqOhwaUC1EsdyJ9l%2BCgrCKaBTCYtdp1%2BMmpmDmAD0QqqzAT2dAtHV67SXsB%2BmdeF8%2Bzsl5HgJ6iHvk%2F9PoVOzYS1QtH%2FYuiDC160mufpRbyBe6tMqZGFw%2BXJsLtoQIRdeAM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba73807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apx14.js Show response
dramago.pilotproxy.com/app/ Frame 80C6 7 KB
0 121ms
118ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx14.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074b-1def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjscUX4%2F5OYmDHWGJUjzf51Zz9JtiEtx4AHyqa%2F%2BVxm3%2BdaSSOw8AbMwxxOeLVynOWahWr4GScyymloOEPzFc1%2BzlTYjCJwGrKdGGS01oe6%2FLykCSquT6fH4Gz1CKy3AifU547sDihv2%2BZTIARoVds5guHj8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba83807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 x12.js Show response
dramago.pilotproxy.com/app/ Frame 80C6 11 KB
0 120ms
119ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/x12.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074a-2bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUihCFVJapJvMXTwKl%2BnbWNwcyOFnu23geK%2Fpb86HiKA3nqvHMCyCiY4LdL9fjfMt7W7202h%2FZszHIJOLG5xZ%2BG9yX9ecFEh%2BLYjqQkc5gNd4oV3eu2Ts%2FW458DiDBBp4uzyqXvzp2wAE0Ntz5lxzEeIkhnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfbc23807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 qqqq.js Show response
theusualsuspectz.biz/j/m/ Frame 80C6 47 KB
0 0ms
0ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theusualsuspectz.biz/j/m/qqqq.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000064
etag: W/"603dadf6-bcdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyu48vPJwyV2%2Fq1vvQPOrpNSygTWVsAq0RoIxxjCANJZrhV11uTd2wY26qGlg5ARZHB5Gmd3cXtOtIA9NkxdwcD4Rt5NVb9LKZJebSBGUxS7vwi2lPTh8z8X6xE42REVGqaqhZQYIHro5i3GFhC5DuayqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15e98fb2a7d-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ Frame 80C6 0
0 237ms
107ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ Frame 80C6 0
0 263ms
117ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ Frame 80C6 0
0 244ms
112ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ Frame 80C6 10 KB
10 KB 34ms
34ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/ Frame 80C6
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

57 KB
57 KB

33ms
33ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58330

Redirect headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET w2.js.php
ecma.sidebyz.com/j/m/ 0
0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 80C6 210 KB
0 124ms
124ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.yandex.ru/metrika/tag.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Mon, 15 Apr 2024 12:56:58 GMT

POST
H3 200 user.php Show response
dramago.pilotproxy.com/ Frame 80C6 0
420 B 117ms
117ms XHR
text/html 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/user.php
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwf2a0yea8WVP5Lt679R4RposFqvilGMhAToGKiUfxJ2bMvD3JmVaCFfxOOvL%2Bs6Ue7g8%2FOK8erTESOCrB2f9Hq9oAm5eEgqAo2R21WCT%2Fra3Pq2gKzcAqHBgYXKco4Y8QU6ZvM2My%2FNgFZsex8kc8Kn2ahp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 874bc15f5d2b3807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 matomo.js Show response
matomo.hellohi.me/ Frame 80C6 64 KB
0 88ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
server: cloudflare
etag: W/"6530b78c-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reykp%2FCE0gA7ibO4rr1J0Dqr%2FGx17o%2FiQzJeLp1ooZtDhxi1i0exu4huGo2I8i2yresJIV8IsQhpmSk3r7dievrt%2FmWU9qWFJmeltQ19c3IDTlp8HCLuRzlmLDxQyiowm2TU2MjaL7FdJ%2F3xso4SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 874bc15e9b453a85-FRA
expires: Mon, 15 Apr 2024 12:26:43 GMT

GET
H3 200 / Show response
dramago.pilotproxy.com/helper-js/ Frame 80C6 3 KB
1 KB 88ms
88ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/helper-js/
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/app/apx14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f95fc2a155317de43dc378b3a215b8b0275a00ca181d0b3b14f5335138974e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/eps_block_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njGGn5bxQ7mQSDQyzLHz6r%2Fjei4lCRasHXlZMD9rHN4WSM1UP99vadCtMYZwcjTkKbd4DqvfYb5aDStrGZqjSNnnBDBis9KaV8FwWKTmN6hCHDI7Zt7TQrwnYkEFFNMtFgLEvlDCHBQjK%2Bs6kUwV6%2FsGFnt%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
cf-ray: 874bc15f6d3c3807-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80C6 15 KB
0 75ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 201972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

GET w2.js.php
ecma.sidebyz.com/j/m/ Frame 80C6 0
0

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 80C6 0
0 142ms
141ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=377808&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=omWUdG&pf_net=0&pf_srv=181&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 tag.js Show response
metrica-yandex.com/metrika/ Frame 2B8D 59 KB
0 92ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrica-yandex.com/metrika/tag.js?1001
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2051131
etag: W/"61564186-eb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzKODiRtKJLcqHOBKb7A8lkC4emJjoGTtkiK8z23XnhPWatK6WrLMiiTnHG5bQRliz1JOp6NYX9Ll9Z3JiEezWvs7wgAFKmtvAUkrPqNmzHdrwvy%2FLWaSyKKKXECUwdhJ7pCAI1jmh9rWF2MVy4WKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15d997671b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2B8D 2 KB
0 82ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:56:57 GMT

GET
H2 200 alert-xxl.png
i.ibb.co/pyC2VvJ/ Frame 2B8D 5 KB
0 89ms
29ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apx19.js Show response
dramago.pilotproxy.com/app/ Frame 2B8D 9 KB
0 81ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx19.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f610c23-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX%2BpuPS4SfGzhkmP2F69d88upDEyR%2FhWfT%2FRhBiFWEJYaylbRfxYT6V8KW9ATh%2F5kcrtB5ZRWY9RCglMLdrZJHKW2D%2FJo0hC10j%2FgmdGrQG070DSZ2nGkYbuIx%2Bdlw%2FRXypGORZMkejxdho1vJ4HoZW7rgsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba33807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hy.js Show response
dramago.pilotproxy.com/ Frame 2B8D 55 KB
0 104ms
101ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/hy.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31b-db43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9liNEMWzOQjNUdHpxpsaQZ%2FGF9XRkjn5nKKZB3FYCEZwB2%2Bxa4sneieu68e7lyXv90JTutEaw7SE6mRrgJ%2ByI6546Q9VBNaApINCf4Ih40lt%2FzmOx4FpinJUO%2FqpgkPqB32RN9XFkYK5tr81syblWnnMDYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba53807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zpp4.js Show response
dramago.pilotproxy.com/zpp/ Frame 2B8D 38 KB
0 102ms
99ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/zpp/zpp4.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31e-9853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrddvSBGBPk8OKFqaInuEad0pmqOhwaUC1EsdyJ9l%2BCgrCKaBTCYtdp1%2BMmpmDmAD0QqqzAT2dAtHV67SXsB%2BmdeF8%2Bzsl5HgJ6iHvk%2F9PoVOzYS1QtH%2FYuiDC160mufpRbyBe6tMqZGFw%2BXJsLtoQIRdeAM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba73807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apx14.js Show response
dramago.pilotproxy.com/app/ Frame 2B8D 7 KB
0 121ms
118ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx14.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074b-1def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjscUX4%2F5OYmDHWGJUjzf51Zz9JtiEtx4AHyqa%2F%2BVxm3%2BdaSSOw8AbMwxxOeLVynOWahWr4GScyymloOEPzFc1%2BzlTYjCJwGrKdGGS01oe6%2FLykCSquT6fH4Gz1CKy3AifU547sDihv2%2BZTIARoVds5guHj8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba83807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 x12.js Show response
dramago.pilotproxy.com/app/ Frame 2B8D 11 KB
0 120ms
119ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/x12.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074a-2bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUihCFVJapJvMXTwKl%2BnbWNwcyOFnu23geK%2Fpb86HiKA3nqvHMCyCiY4LdL9fjfMt7W7202h%2FZszHIJOLG5xZ%2BG9yX9ecFEh%2BLYjqQkc5gNd4oV3eu2Ts%2FW458DiDBBp4uzyqXvzp2wAE0Ntz5lxzEeIkhnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfbc23807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 qqqq.js Show response
theusualsuspectz.biz/j/m/ Frame 2B8D 47 KB
0 0ms
0ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theusualsuspectz.biz/j/m/qqqq.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000064
etag: W/"603dadf6-bcdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyu48vPJwyV2%2Fq1vvQPOrpNSygTWVsAq0RoIxxjCANJZrhV11uTd2wY26qGlg5ARZHB5Gmd3cXtOtIA9NkxdwcD4Rt5NVb9LKZJebSBGUxS7vwi2lPTh8z8X6xE42REVGqaqhZQYIHro5i3GFhC5DuayqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15e98fb2a7d-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ Frame 2B8D 0
0 216ms
106ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ Frame 2B8D 0
0 275ms
117ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ Frame 2B8D 0
0 249ms
112ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ Frame 2B8D 10 KB
10 KB 42ms
41ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/ Frame 2B8D
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

57 KB
57 KB

28ms
28ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58330

Redirect headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 2B8D 210 KB
0 18ms
18ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.yandex.ru/metrika/tag.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H3 200 matomo.js Show response
matomo.hellohi.me/ Frame 2B8D 64 KB
0 88ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
server: cloudflare
etag: W/"6530b78c-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reykp%2FCE0gA7ibO4rr1J0Dqr%2FGx17o%2FiQzJeLp1ooZtDhxi1i0exu4huGo2I8i2yresJIV8IsQhpmSk3r7dievrt%2FmWU9qWFJmeltQ19c3IDTlp8HCLuRzlmLDxQyiowm2TU2MjaL7FdJ%2F3xso4SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 874bc15e9b453a85-FRA
expires: Mon, 15 Apr 2024 12:26:43 GMT

GET
H3 200 / Show response
dramago.pilotproxy.com/helper-js/ Frame 2B8D 3 KB
1 KB 82ms
82ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/helper-js/
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/app/apx14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 860c0d4e1babd3450e92c5819ccf15e23a679e671cdf213a9042ec0bdd4b8204

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/header_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5k0jTzAnsAwZY8pMS1ZE%2FlHlu1vGiwY%2FARFcSJPMngCaqRBG0DZKN3JXJ3mv7pk6SYL5ScF3XLh%2B5Oc6jE5Moc%2B4kGSDHmusdEFAxnzDZHeTt21Yko%2Fs2RgGIQgq3GjvbpUPkUY5B2QUg38TZM9%2BdVyywWK5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
cf-ray: 874bc1600e153807-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B8D 15 KB
0 75ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 201972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

GET w2.js.php
ecma.sidebyz.com/j/m/ Frame 2B8D 0
0

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 2B8D 0
0 149ms
148ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=099010&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=zLrf23&pf_net=0&pf_srv=310&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ 65 B
702 B 29ms
29ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMBjCIqt0hXhXqm1H
Accept: application/json
Referer: https://dramago.pilotproxy.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://dramago.pilotproxy.com
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ 2 B
391 B 65ms
35ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqASwP6H6RAdvhplz

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H3 200 tag.js Show response
metrica-yandex.com/metrika/ Frame 6359 59 KB
0 92ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrica-yandex.com/metrika/tag.js?1001
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2051131
etag: W/"61564186-eb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzKODiRtKJLcqHOBKb7A8lkC4emJjoGTtkiK8z23XnhPWatK6WrLMiiTnHG5bQRliz1JOp6NYX9Ll9Z3JiEezWvs7wgAFKmtvAUkrPqNmzHdrwvy%2FLWaSyKKKXECUwdhJ7pCAI1jmh9rWF2MVy4WKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15d997671b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6359 2 KB
0 82ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:56:57 GMT

GET
H2 200 alert-xxl.png
i.ibb.co/pyC2VvJ/ Frame 6359 5 KB
0 89ms
29ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apx19.js Show response
dramago.pilotproxy.com/app/ Frame 6359 9 KB
0 81ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx19.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f610c23-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX%2BpuPS4SfGzhkmP2F69d88upDEyR%2FhWfT%2FRhBiFWEJYaylbRfxYT6V8KW9ATh%2F5kcrtB5ZRWY9RCglMLdrZJHKW2D%2FJo0hC10j%2FgmdGrQG070DSZ2nGkYbuIx%2Bdlw%2FRXypGORZMkejxdho1vJ4HoZW7rgsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba33807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hy.js Show response
dramago.pilotproxy.com/ Frame 6359 55 KB
0 104ms
101ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/hy.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31b-db43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9liNEMWzOQjNUdHpxpsaQZ%2FGF9XRkjn5nKKZB3FYCEZwB2%2Bxa4sneieu68e7lyXv90JTutEaw7SE6mRrgJ%2ByI6546Q9VBNaApINCf4Ih40lt%2FzmOx4FpinJUO%2FqpgkPqB32RN9XFkYK5tr81syblWnnMDYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba53807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zpp4.js Show response
dramago.pilotproxy.com/zpp/ Frame 6359 38 KB
0 102ms
99ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/zpp/zpp4.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31e-9853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrddvSBGBPk8OKFqaInuEad0pmqOhwaUC1EsdyJ9l%2BCgrCKaBTCYtdp1%2BMmpmDmAD0QqqzAT2dAtHV67SXsB%2BmdeF8%2Bzsl5HgJ6iHvk%2F9PoVOzYS1QtH%2FYuiDC160mufpRbyBe6tMqZGFw%2BXJsLtoQIRdeAM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba73807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apx14.js Show response
dramago.pilotproxy.com/app/ Frame 6359 7 KB
0 121ms
118ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx14.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074b-1def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjscUX4%2F5OYmDHWGJUjzf51Zz9JtiEtx4AHyqa%2F%2BVxm3%2BdaSSOw8AbMwxxOeLVynOWahWr4GScyymloOEPzFc1%2BzlTYjCJwGrKdGGS01oe6%2FLykCSquT6fH4Gz1CKy3AifU547sDihv2%2BZTIARoVds5guHj8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba83807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 x12.js Show response
dramago.pilotproxy.com/app/ Frame 6359 11 KB
0 120ms
119ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/x12.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074a-2bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUihCFVJapJvMXTwKl%2BnbWNwcyOFnu23geK%2Fpb86HiKA3nqvHMCyCiY4LdL9fjfMt7W7202h%2FZszHIJOLG5xZ%2BG9yX9ecFEh%2BLYjqQkc5gNd4oV3eu2Ts%2FW458DiDBBp4uzyqXvzp2wAE0Ntz5lxzEeIkhnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfbc23807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 qqqq.js Show response
theusualsuspectz.biz/j/m/ Frame 6359 47 KB
0 0ms
0ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theusualsuspectz.biz/j/m/qqqq.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000064
etag: W/"603dadf6-bcdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyu48vPJwyV2%2Fq1vvQPOrpNSygTWVsAq0RoIxxjCANJZrhV11uTd2wY26qGlg5ARZHB5Gmd3cXtOtIA9NkxdwcD4Rt5NVb9LKZJebSBGUxS7vwi2lPTh8z8X6xE42REVGqaqhZQYIHro5i3GFhC5DuayqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15e98fb2a7d-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ Frame 6359 0
0 252ms
107ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ Frame 6359 0
0 322ms
119ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ Frame 6359 0
0 288ms
112ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ Frame 6359 10 KB
10 KB 40ms
34ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/ Frame 6359
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

57 KB
57 KB

30ms
29ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58330

Redirect headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 6359 210 KB
0 2ms
2ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.yandex.ru/metrika/tag.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H3 200 matomo.js Show response
matomo.hellohi.me/ Frame 6359 64 KB
0 88ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
server: cloudflare
etag: W/"6530b78c-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reykp%2FCE0gA7ibO4rr1J0Dqr%2FGx17o%2FiQzJeLp1ooZtDhxi1i0exu4huGo2I8i2yresJIV8IsQhpmSk3r7dievrt%2FmWU9qWFJmeltQ19c3IDTlp8HCLuRzlmLDxQyiowm2TU2MjaL7FdJ%2F3xso4SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 874bc15e9b453a85-FRA
expires: Mon, 15 Apr 2024 12:26:43 GMT

GET
H3 200 / Show response
dramago.pilotproxy.com/helper-js/ Frame 6359 3 KB
1 KB 91ms
82ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/helper-js/
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/app/apx14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deef969a908734bae992276dbc56de9b9b8d91d175f441e479134528de02ef01

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1ejX3smCzZNBaBgQarynKCOCNKWYy63i8fq9U2RnkXzWIlAaTAjjQOkhKStgeBK2Ro%2BvdtLWZnsuhdW86OnBegKm2Zb68if%2FhgJv9MewSSfwJbb%2BeW5tNfDDp3NuExrcVGG82W%2FhwrKRO4PKrCQlyvjOqoJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
cf-ray: 874bc1609eb53807-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6359 15 KB
0 75ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 201972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

GET w2.js.php
ecma.sidebyz.com/j/m/ Frame 6359 0
0

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 6359 0
0 126ms
126ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=398950&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=zTxACZ&pf_net=0&pf_srv=374&pf_tfr=2&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10340.p6QU2f_OXWRsyOtZNdz8uLf7lKtvtxhpPXUAcK7sJMc_TY3S7ij25DeXDsZQ9XKO._NilRsKNA1iVqixzC3v7HRJxizw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10340.weED0J2tqfGXgoP9lr0hQfNgKrjtPfIccSrL_9ogG9yDrC24tHTYy-Nz9tzch9DsXpEsxhzFjIgF4jgekZBzXtjhoFjPHk0gOQUpIM9w7gA4daLAtjiTJc4olCJUpVrJu16eZ12t38...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10340.mo7kU7ZZsOPxlliv-RlDcIout-wgexQA7dCavByui7XINGGh6Yy6RmPlBRxx2XRgoyrLyHBbg-wqKaMyRsKMbI1j8oeAIqkxzP0abPlSrzyd-...

43 B
598 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10340.mo7kU7ZZsOPxlliv-RlDcIout-wgexQA7dCavByui7XINGGh6Yy6RmPlBRxx2XRgoyrLyHBbg-wqKaMyRsKMbI1j8oeAIqkxzP0abPlSrzyd-Dj1Ecg7wrUdOlyx_BGh2Q6Km38byAgj5HJ5hthfaYLuS7D-Az7TxHnhs4GTPYpDWJS6u_xjK_Xb3wimdhz6IQ1SXM4cMF3ArGD8GvKoQA%2C%2C.Bbyrlbp4Q_HBflTgPfK7sThTLy4%2C

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10340.mo7kU7ZZsOPxlliv-RlDcIout-wgexQA7dCavByui7XINGGh6Yy6RmPlBRxx2XRgoyrLyHBbg-wqKaMyRsKMbI1j8oeAIqkxzP0abPlSrzyd-Dj1Ecg7wrUdOlyx_BGh2Q6Km38byAgj5HJ5hthfaYLuS7D-Az7TxHnhs4GTPYpDWJS6u_xjK_Xb3wimdhz6IQ1SXM4cMF3ArGD8GvKoQA%2C%2C.Bbyrlbp4Q_HBflTgPfK7sThTLy4%2C
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

1 Show response
mc.yandex.com/watch/71463988/ Frame 2B8D
Redirect Chain

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%2...
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google...

448 B
484 B

72ms
71ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A490853693%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

132e3cea5faccdbb5e6bb8a3550e587dc98e355b1485cb9b792cc1778446dc76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 448
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A490853693%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/90922181/ Frame 2B8D
Redirect Chain

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%2...
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google...

455 B
491 B

69ms
69ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A320902692%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/header_1.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5cfbceb2165ffd52efd1d80d9a6e7edfcc0053d827fcfae0fb18a5f6e785b8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A358016597%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A320902692%3Arqn%3A1%3Au%3A171318221815536274%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A359%3Awv%3A2%3Ads%3A0%2C0%2C311%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217904%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
688 B 76ms
76ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71463988/ Frame 80C6
Redirect Chain

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Googl...
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Goo...

448 B
480 B

74ms
74ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A293292221%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

465d3291c162a9c40a15b420eaf81c103b27176103791e280fd2d2796bb844a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 448
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A293292221%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/90922181/ Frame 80C6
Redirect Chain

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Googl...
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Goo...

455 B
487 B

64ms
63ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A417276647%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/eps_block_1.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4ba6a19065a2ccc630967186867119e22216595d5fa5e99ddd916053ea51fd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A436874538%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A417276647%3Arqn%3A3%3Au%3A171318221815536274%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A260%3Awv%3A2%3Ads%3A0%2C0%2C182%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217905%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71463988/ Frame 6359
Redirect Chain

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22...
https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%...

448 B
480 B

67ms
67ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A932901675%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e78c64b27c4a622eec55ff412b66b92f664f234e486ff42d400219a074a5b277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 448
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71463988/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A932901675%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/90922181/ Frame 6359
Redirect Chain

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22...
https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%...

455 B
487 B

68ms
68ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A817985891%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1-2.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0ce7564024fbff9e074515583e3bbc946982d42b3e9f7420347f2f75aa32ed0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90922181/1?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A702282938%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A817985891%3Arqn%3A4%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A423%3Awv%3A2%3Ads%3A0%2C0%2C374%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217907%3Anp%3AV2luMzI%3D%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037568%29aw%281%29rcm%280%29cdl%28na%29ti%281%29&redirnss=1
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ Frame 80C6 65 B
702 B 27ms
27ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZrB8bs0Fyp9unrG0
Accept: application/json
Referer: https://dramago.pilotproxy.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://dramago.pilotproxy.com
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ Frame 80C6 2 B
391 B 37ms
37ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQ4dGZ887ayefLjfY

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 80C6 43 B
0 67ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.com/metrika/advert.gif
Requested by: Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H3 200 tag.js Show response
metrica-yandex.com/metrika/ Frame BA4F 59 KB
0 92ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrica-yandex.com/metrika/tag.js?1001
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2051131
etag: W/"61564186-eb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzKODiRtKJLcqHOBKb7A8lkC4emJjoGTtkiK8z23XnhPWatK6WrLMiiTnHG5bQRliz1JOp6NYX9Ll9Z3JiEezWvs7wgAFKmtvAUkrPqNmzHdrwvy%2FLWaSyKKKXECUwdhJ7pCAI1jmh9rWF2MVy4WKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15d997671b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BA4F 2 KB
0 82ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Requested by

Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:56:57 GMT

GET
H2 200 alert-xxl.png
i.ibb.co/pyC2VvJ/ Frame BA4F 5 KB
0 89ms
29ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pyC2VvJ/alert-xxl.png
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
last-modified: Mon, 07 Aug 2023 04:09:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apx19.js Show response
dramago.pilotproxy.com/app/ Frame BA4F 9 KB
0 81ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx19.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f610c23-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eX%2BpuPS4SfGzhkmP2F69d88upDEyR%2FhWfT%2FRhBiFWEJYaylbRfxYT6V8KW9ATh%2F5kcrtB5ZRWY9RCglMLdrZJHKW2D%2FJo0hC10j%2FgmdGrQG070DSZ2nGkYbuIx%2Bdlw%2FRXypGORZMkejxdho1vJ4HoZW7rgsj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba33807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hy.js Show response
dramago.pilotproxy.com/ Frame BA4F 55 KB
0 104ms
101ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/hy.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31b-db43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9liNEMWzOQjNUdHpxpsaQZ%2FGF9XRkjn5nKKZB3FYCEZwB2%2Bxa4sneieu68e7lyXv90JTutEaw7SE6mRrgJ%2ByI6546Q9VBNaApINCf4Ih40lt%2FzmOx4FpinJUO%2FqpgkPqB32RN9XFkYK5tr81syblWnnMDYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba53807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zpp4.js Show response
dramago.pilotproxy.com/zpp/ Frame BA4F 38 KB
0 102ms
99ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/zpp/zpp4.js?q22q2q2
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Mar 2021 05:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603dd31e-9853"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrddvSBGBPk8OKFqaInuEad0pmqOhwaUC1EsdyJ9l%2BCgrCKaBTCYtdp1%2BMmpmDmAD0QqqzAT2dAtHV67SXsB%2BmdeF8%2Bzsl5HgJ6iHvk%2F9PoVOzYS1QtH%2FYuiDC160mufpRbyBe6tMqZGFw%2BXJsLtoQIRdeAM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba73807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apx14.js Show response
dramago.pilotproxy.com/app/ Frame BA4F 7 KB
0 121ms
118ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/apx14.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074b-1def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjscUX4%2F5OYmDHWGJUjzf51Zz9JtiEtx4AHyqa%2F%2BVxm3%2BdaSSOw8AbMwxxOeLVynOWahWr4GScyymloOEPzFc1%2BzlTYjCJwGrKdGGS01oe6%2FLykCSquT6fH4Gz1CKy3AifU547sDihv2%2BZTIARoVds5guHj8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfba83807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 x12.js Show response
dramago.pilotproxy.com/app/ Frame BA4F 11 KB
0 120ms
119ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/app/x12.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Sep 2020 18:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f61074a-2bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUihCFVJapJvMXTwKl%2BnbWNwcyOFnu23geK%2Fpb86HiKA3nqvHMCyCiY4LdL9fjfMt7W7202h%2FZszHIJOLG5xZ%2BG9yX9ecFEh%2BLYjqQkc5gNd4oV3eu2Ts%2FW458DiDBBp4uzyqXvzp2wAE0Ntz5lxzEeIkhnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 874bc15dfbc23807-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 qqqq.js Show response
theusualsuspectz.biz/j/m/ Frame BA4F 47 KB
0 0ms
0ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theusualsuspectz.biz/j/m/qqqq.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000064
etag: W/"603dadf6-bcdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyu48vPJwyV2%2Fq1vvQPOrpNSygTWVsAq0RoIxxjCANJZrhV11uTd2wY26qGlg5ARZHB5Gmd3cXtOtIA9NkxdwcD4Rt5NVb9LKZJebSBGUxS7vwi2lPTh8z8X6xE42REVGqaqhZQYIHro5i3GFhC5DuayqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 874bc15e98fb2a7d-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 403
Forbidden a286902791a7f4c98bcb1e812322cd78.js
heartilyscales.com/a2/86/90/ Frame BA4F 0
0 232ms
105ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ Frame BA4F 0
0 317ms
121ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ Frame BA4F 0
0 278ms
114ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK script.js Show response
vmuid.com/ Frame BA4F 10 KB
10 KB 31ms
30ms Script
text/javascript 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10178

GET
H/1.1

200
OK

sdk.js Show response
pupspu.com/ Frame BA4F
Redirect Chain

https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8

57 KB
57 KB

27ms
27ms

Script
text/javascript

178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: HTTP/1.1
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dramago.pilotproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58330

Redirect headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
Location: https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame BA4F 210 KB
0 2ms
2ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.yandex.ru/metrika/tag.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-1213b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74043
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H3 200 matomo.js Show response
matomo.hellohi.me/ Frame BA4F 64 KB
0 88ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.js
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1815
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 19 Oct 2023 04:58:52 GMT
server: cloudflare
etag: W/"6530b78c-10132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reykp%2FCE0gA7ibO4rr1J0Dqr%2FGx17o%2FiQzJeLp1ooZtDhxi1i0exu4huGo2I8i2yresJIV8IsQhpmSk3r7dievrt%2FmWU9qWFJmeltQ19c3IDTlp8HCLuRzlmLDxQyiowm2TU2MjaL7FdJ%2F3xso4SIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 874bc15e9b453a85-FRA
expires: Mon, 15 Apr 2024 12:26:43 GMT

GET
H3 200 / Show response
dramago.pilotproxy.com/helper-js/ Frame BA4F 3 KB
1 KB 80ms
79ms Script
application/javascript 2606:4700:3037::6815:4697
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramago.pilotproxy.com/helper-js/
Requested by: Host: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/app/apx14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974ac71cf9dd93b7dc1eedfc3b83b6eb4cbe666e472e8c1a668e80bd99f763d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/ads/home_sidebar_1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrxYjmG4n%2BPGENc9%2F6qeo%2BwBiajvO9Oa4PEmwrrFyXWwRYQSZ%2BHrPZ%2BTEDLXej3MKN%2F9q48Z940FmeGyINaGTkpfkIWzdSeH%2BN4Cbf4DM3tPfqjFbNqBuHI1TrFMDxkvwQNubNNcsHq30oNPSbBYvozH2%2B3X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
cf-ray: 874bc1614fb83807-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA4F 15 KB
0 75ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 201972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

GET w2.js.php
ecma.sidebyz.com/j/m/ Frame BA4F 0
0

GET
H2 200 71463988 Show response
mc.yandex.com/watch/ Frame BA4F 440 B
534 B 67ms
67ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A75501957%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A31054213%3Arqn%3A5%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C513%2C2%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217906%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

baaf3e4fb1945720bc1d18997850dd0560dc925753bc7d1705dcdff400b0078c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2 200 90922181 Show response
mc.yandex.com/watch/ Frame BA4F 447 B
485 B 68ms
68ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1.html&page-ref=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A75501957%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A339351203%3Arqn%3A5%3Au%3A171318221815536274%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C513%2C2%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217906%3Arqnl%3A1%3Ast%3A1713182218%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(0)cdl(na)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0b1316729f4cff625c54f01fb8fbadcd92f025e9d6a44fdf0151d38737748e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame BA4F 0
0 158ms
158ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=143285&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=VUiYZw&pf_net=0&pf_srv=513&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ Frame 2B8D 65 B
702 B 27ms
27ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFxgolO9Rrj446VMm
Accept: application/json
Referer: https://dramago.pilotproxy.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://dramago.pilotproxy.com
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ Frame 2B8D 2 B
391 B 34ms
33ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOL1kmSMJNVqdGtyc

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 2B8D 43 B
0 67ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.com/metrika/advert.gif
Requested by: Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Apr 2024 12:56:58 GMT

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ Frame 6359 65 B
702 B 29ms
29ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMmC8ThCGFMUofs9B
Accept: application/json
Referer: https://dramago.pilotproxy.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://dramago.pilotproxy.com
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ Frame 6359 2 B
391 B 33ms
33ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjfEqmPBTlD8iR8kR

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 6359 43 B
0 67ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.com/metrika/advert.gif
Requested by: Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Apr 2024 12:56:58 GMT

GET
H2 200 90922181 Show response
mc.yandex.com/watch/ 447 B
481 B 68ms
67ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922181?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A2%3Adp%3A0%3Als%3A1256352543431%3Ahid%3A885161540%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A665452971%3Arqn%3A2%3Au%3A171318221815536274%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A413%3Awv%3A2%3Ads%3A15%2C24%2C196%2C25%2C0%2C0%2C%2C467%2C0%2C%2C%2C%2C728%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713182219%3At%3AKorean%20Drama%20%7C%20Korean%20Movies%20%7C%20Popular%20Drama%20%7C%20Watch%20Drama%20Online%20-%20DramaGo.com&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(1)cdl(na)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0352accdb42485dbd9f305d1bd439a698ae8b9975e5adbba2e5828872f2f7131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

GET
H2 200 71463988 Show response
mc.yandex.com/watch/ 440 B
925 B 66ms
66ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71463988?wmode=7&page-url=https%3A%2F%2Fdramago.pilotproxy.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.122%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.122%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rwrs78bgaj3hvtz5y3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A519641415344%3Ahid%3A885161540%3Az%3A120%3Ai%3A20240415135658%3Aet%3A1713182218%3Ac%3A1%3Arn%3A911988560%3Arqn%3A2%3Au%3A171318221815536274%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A413%3Awv%3A2%3Ads%3A15%2C24%2C196%2C25%2C0%2C0%2C%2C467%2C0%2C%2C%2C%2C728%3Aco%3A0%3Acpf%3A1%3Ans%3A1713182217549%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713182219%3At%3AKorean%20Drama%20%7C%20Korean%20Movies%20%7C%20Popular%20Drama%20%7C%20Watch%20Drama%20Online%20-%20DramaGo.com&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037568)aw(1)rcm(1)cdl(na)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e8f8c4ee62ac870508085f254855fdb6113a92a3b67119d49ceef3c4745599d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 11:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 15-Apr-2024 11:56:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dramago.pilotproxy.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Mon, 15-Apr-2024 11:56:58 GMT

POST
H/1.1 200
OK send Show response
vmuid.com/uid/ Frame BA4F 65 B
702 B 29ms
29ms Fetch
application/json 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://vmuid.com/uid/send
Requested by: Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjYg2Lp5Bu8ibAG2C
Accept: application/json
Referer: https://dramago.pilotproxy.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: application/json
Access-Control-Allow-Origin: https://dramago.pilotproxy.com
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length: 65

POST
H/1.1 200
OK hit
pupspu.com/ Frame BA4F 2 B
391 B 35ms
35ms Ping
text/plain 178.162.215.162
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://pupspu.com/hit
Requested by: Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 178.162.215.162 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQlFmy4BjkSx8JLkT

Response headers

Date: Mon, 15 Apr 2024 11:56:58 GMT
Server: nginx
Accept-Ch: Sec-CH-UA-Platform-Version
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame BA4F 43 B
0 67ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.com/metrika/advert.gif
Requested by: Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:56:58 GMT
last-modified: Thu, 11 Apr 2024 11:01:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6617c30c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Apr 2024 12:56:58 GMT

POST
H3 204 matomo.php
matomo.hellohi.me/ 0
0 120ms
119ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=Korean%20Drama%20%7C%20Korean%20Movies%20%7C%20Popular%20Drama%20%7C%20Watch%20Drama%20Online%20-%20DramaGo.com&idsite=1&rec=1&r=801261&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=omrKuf&pf_net=40&pf_srv=196&pf_tfr=24&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 80C6 0
0 117ms
117ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=897809&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Feps_block_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Q5LR98&pf_net=0&pf_srv=181&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 2B8D 0
0 128ms
127ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=393014&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fheader_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=83hqFS&pf_net=0&pf_srv=310&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame 6359 0
0 112ms
111ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=659313&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1-2.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SMk5iq&pf_net=0&pf_srv=374&pf_tfr=2&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H3 204 matomo.php
matomo.hellohi.me/ Frame BA4F 0
0 115ms
114ms Ping
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.hellohi.me/matomo.php?action_name=&idsite=1&rec=1&r=394092&h=13&m=56&s=58&url=https%3A%2F%2Fdramago.pilotproxy.com%2Fads%2Fhome_sidebar_1.html&urlref=https%3A%2F%2Fdramago.pilotproxy.com%2F&_id=b0aedee520526b2b&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SfeV2J&pf_net=0&pf_srv=513&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.122%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.122%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by: Host: matomo.hellohi.me
URL: https://matomo.hellohi.me/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://dramago.pilotproxy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET favicon.gif
dramago.pilotproxy.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ecma.sidebyz.com
URL: https://ecma.sidebyz.com/j/m/w2.js.php

Domain: ecma.sidebyz.com
URL: https://ecma.sidebyz.com/j/m/w2.js.php

Domain: ecma.sidebyz.com
URL: https://ecma.sidebyz.com/j/m/w2.js.php

Domain: ecma.sidebyz.com
URL: https://ecma.sidebyz.com/j/m/w2.js.php

Domain: ecma.sidebyz.com
URL: https://ecma.sidebyz.com/j/m/w2.js.php

Domain: dramago.pilotproxy.com
URL: https://dramago.pilotproxy.com/favicon.gif

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dramago.pilotproxy.com/images/series/small	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/images/site/front	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/styles/front	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/styles	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/ads	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/	1970-01-20 19:54:28	Name: view Value: 1
dramago.pilotproxy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5dfqvgkkq6geiihgdhno1gd7bc
dramago.pilotproxy.com/	1970-01-21 05:18:57	Name: _pk_id.1.aede Value: b0aedee520526b2b.1713182218.
dramago.pilotproxy.com/	1970-01-20 19:53:04	Name: _pk_ses.1.aede Value: 1
dramago.pilotproxy.com/	1970-01-20 19:54:28	Name: prefix_views_counter Value: 1
.yandex.ru/	1970-01-21 04:38:38	Name: yashr Value: 9635166801713182218
mc.yandex.ru/	1970-01-21 04:38:38	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.vmuid.com/	1970-01-21 05:29:02	Name: guid Value: 67dfda72-59ba-4c3f-9d21-9cd31d30557a
pupspu.com/	1970-01-20 19:54:28	Name: av_sw_hit Value: 1
.pilotproxy.com/	1970-01-21 04:38:38	Name: _ym_uid Value: 171318221815536274
.pilotproxy.com/	1970-01-21 04:38:38	Name: _ym_d Value: 1713182218
.mc.yandex.com/	1970-01-20 19:53:02	Name: sync_cookie_csrf Value: 2316932541fake
mc.yandex.com/	1970-01-21 04:38:38	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 04:38:38	Name: ymex Value: 1744718218.yrts.1713182218#1744718218.yrtsi.1713182218
.yandex.com/	1970-01-21 04:38:38	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 04:38:38	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTIzIiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTIzIhoFIng4NiIiECIxMjMuMC42MzEyLjEyMiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIkdvb2dsZSBDaHJvbWUiO3Y9IjEyMy4wLjYzMTIuMTIyIiwiTm90OkEtQnJhbmQiO3Y9IjguMC4wLjAiLCJDaHJvbWl1bSI7dj0iMTIzLjAuNjMxMi4xMjIiIg==
.yandex.com/	1970-01-21 04:38:38	Name: yashr Value: 2293592641713182218
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 539223031713182218
.yandex.com/	1970-01-21 05:29:02	Name: i Value: qqOfiSP3QuGEbPhz0SabgvKNSZv+z0KUhoIld2S4XPKnKDu3mGMa1jbQvbDDA8rS2HZH6r6t/uVQf9NQdWC+WeXL8XM=
.yandex.com/	1970-01-21 05:29:02	Name: yandexuid Value: 5798398391713182218
.yandex.com/	1970-01-21 04:38:38	Name: yuidss Value: 5798398391713182218
.pilotproxy.com/	1970-01-20 19:54:14	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 19:53:02	Name: sync_cookie_csrf Value: 2939152910fake
.mc.yandex.com/	1970-01-20 19:54:28	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 05:29:02	Name: yandexuid Value: 5798398391713182218
.yandex.ru/	1970-01-21 05:29:02	Name: yuidss Value: 5798398391713182218
.yandex.ru/	1970-01-21 05:29:02	Name: i Value: qqOfiSP3QuGEbPhz0SabgvKNSZv+z0KUhoIld2S4XPKnKDu3mGMa1jbQvbDDA8rS2HZH6r6t/uVQf9NQdWC+WeXL8XM=
.yandex.ru/	1970-01-21 05:29:02	Name: yp Value: 1713268618.yu.6233894301713182218
.yandex.ru/	1970-01-21 04:38:38	Name: ymex Value: 1715774218.oyu.6233894301713182218

209 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dramago.pilotproxy.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demiseskill.com
dramago.pilotproxy.com
ecma.sidebyz.com
fonts.googleapis.com
fonts.gstatic.com
heartilyscales.com
i.ibb.co
i.imgur.com
matomo.hellohi.me
mc.yandex.com
mc.yandex.ru
metrica-yandex.com
origunix.com
pupspu.com
theusualsuspectz.biz
vmuid.com
dramago.pilotproxy.com
ecma.sidebyz.com
146.75.120.193
162.19.58.159
172.240.108.68
178.162.215.162
192.243.59.20
2606:4700:3037::6815:4697
2a00:1450:4001:806::200a
2a00:1450:4001:82f::2003
2a02:6b8::1:119
2a06:98c1:3120::3
2a06:98c1:3121::3
001096083bc96396831a031b3cbd4859df5aea200bd1a07769fa1423e9dd6f3d
0352accdb42485dbd9f305d1bd439a698ae8b9975e5adbba2e5828872f2f7131
0b1316729f4cff625c54f01fb8fbadcd92f025e9d6a44fdf0151d38737748e36
0ce7564024fbff9e074515583e3bbc946982d42b3e9f7420347f2f75aa32ed0b
132e3cea5faccdbb5e6bb8a3550e587dc98e355b1485cb9b792cc1778446dc76
189c3219f73d0b18f5f3ccf27eae3118142618596ef0987acd290837c6e83472
1a5287507000969e7faf619fe980370feaa72c4095a96d95b92a45c2e77e64fb
1b37363969f2018529313207e21f4202f349a62a6d474a22d83d770b88bef2d3
226f8eb683f887e8399cf714272101347c4ee6687580bac233ee47c3138c13ce
22f95fc2a155317de43dc378b3a215b8b0275a00ca181d0b3b14f5335138974e
2cba98d6ccdb9a6762990630a8473861b2c46c7e49f1b89e5e9e18a3bceffff3
374abd65d5b3f5b923a83b547dba6e82dcf8b23ebdc3c5d27b0c1e515ec4d528
3a18b1964d1d209c46d754459b9ef98d4a9a85065e245f8311be727ffee3f960
3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a
3c718f4e0a1bfa42263e50c127cb4854449a6e3c27b1839085e4e5ffa146be70
4511e3140fed0adcd2b3f6c33431b2ef2f4830d112dc95e0d1e6c9eaac0da7fb
465d3291c162a9c40a15b420eaf81c103b27176103791e280fd2d2796bb844a0
4ba6a19065a2ccc630967186867119e22216595d5fa5e99ddd916053ea51fd41
53a9118d2d944ade9a8ddcdf359508f9ab4dd8112ec3e19f87685eae48ca6338
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d1044a8258c14fd67d80b24fb8c98970aa37663a24c23426b012f121119fa1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5823c5ea88cd75e604d96948c31d38b1e227bdde70576cb1831301069e71fea4
58c753f7ffcb584d2ed43470ec9bdd30a4cd4723f368d83de6163413d5555102
5cfbceb2165ffd52efd1d80d9a6e7edfcc0053d827fcfae0fb18a5f6e785b8fe
5e31460a6eacabdc5895ad2ad898a4a570ac88f2794c61ddce6b0beee304eb11
6e2372c618a75bbeb38749ca44f1c123b46a53207825626276a2fe65b5196f48
737d477b4da559bb6d0f1ad3677592ad9681b04d3c093643a5ce8448d6fc24e6
74a4aba23c4c141b26489e8d9c95acd2e8d4523b91448cacb072dd8d0701db19
7bdc428cab691a7161217635bdbc1e4afa222c2cdca806bd62d79aadea6c2341
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
860c0d4e1babd3450e92c5819ccf15e23a679e671cdf213a9042ec0bdd4b8204
87acadcfb1e24f6c7907e0537654259c54033e9d5e577e382f5961576a0611d7
89c0230864a948d80b61c0123a93767351178639a417dabb72e688bb1c024b3f
8b1796bb293df2b7e2305ddd95e6fc0ad7413ce877276f61833ab0432ac405d1
974ac71cf9dd93b7dc1eedfc3b83b6eb4cbe666e472e8c1a668e80bd99f763d2
9aa0d9201b513578164a2155c3f60f325f72aa52e647fa56fa4f94d96b3b30f0
a1423d1ffc6c23f65d0d37fbb4b3bf365c9f0b77919895342f3b2bc04b31c12c
b31261d20d04c64b9bd5a51834124105e4c52fb1327db4f349858d98e2103755
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48
b78035f2b14cfd6874f12c9ea2de0d9d7b2887cc2987e7e0baedcbbeddde7b3f
b79104384bf691418e5d6a020e11e32c8014f3f53f4f9ad9b262fe8d10178230
b79a67ca98f24be20d74738bf31f2d1132840637f7f510e966d05b75a99ebece
baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af
baaf3e4fb1945720bc1d18997850dd0560dc925753bc7d1705dcdff400b0078c
c5ace53155e9e3393b23a06b0f109fe00b0a0e7a7da4241346d20738df326eac
caca7fd4f75d35a1ad0aa48123255ff6bad837d18d248222eab972c2c49cd1dc
d27d4e5bb71037fe5d3ea3db4997eb1a94f8f4228ce667b9c7018e5ca4bacd27
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dc03bc8b63938916a73dd976e186d05559ddc61da2725e1063b7936fa9f0fc33
dd0c0fcb49f34754511e1779a55e7b6d7a9b54d438140b36968f72008c597503
deef969a908734bae992276dbc56de9b9b8d91d175f441e479134528de02ef01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78c64b27c4a622eec55ff412b66b92f664f234e486ff42d400219a074a5b277
e8f8c4ee62ac870508085f254855fdb6113a92a3b67119d49ceef3c4745599d8
ec3a5f9cc57ff0c9fa0b45e2bfea8b85d92b41543def7dc96084d3661d6f0033
ee94a69cc088936558fb23efd85a3a729518568319dc2c788a405a4744c6fca3
f161c3671a7321469787b2bd63b869c5b51cbfd3a5ab15c1cfe298b774f81016
f240ce7fa62cd81d92f29081815f2cd2376ea6867887d17d5625009ebdf355b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75959684dcee6ba752435f7bb6499618130e6dc586289587ea0f248a31013ce
f8c270a222d4ea5060f459455fa1ed841f5d2914088ab70376dca4818fb077c3
ff391f38fc73325f58d0626b9415ac121f1461407d74e86ebddefd8180050d76

dramago.pilotproxy.com Open in urlscan Pro 2606:4700:3037::6815:4697 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

89 %HTTPS

55 %IPv6

16 Domains

16 Subdomains

12 IPs

4 Countries

1021 kBTransfer

3516 kBSize

34 Cookies

0 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dramago.pilotproxy.com Open in urlscan Pro
2606:4700:3037::6815:4697 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

89 %
HTTPS

55 %
IPv6

16
Domains

16
Subdomains

12
IPs

4
Countries

1021 kB
Transfer

3516 kB
Size

34
Cookies

164 HTTP transactions
0 data transactions